Menu
▾
▴
RE: [Phphelpdesk-help] A hole about helpdesk..
|
From: Pim v. S. <pim...@nl...> - 2001-11-20 14:35:04
|
> -----Oorspronkelijk bericht----- > Van: php...@li... > [mailto:php...@li...]Namens Kevin M. > Shortt > Verzonden: dinsdag 20 november 2001 15:08 > Aan: Pim van Stam > CC: php...@li... > Onderwerp: RE: [Phphelpdesk-help] A hole about helpdesk.. > > > > > On Tue, 20 Nov 2001, Pim van Stam wrote: > > > I rather like to know what the leak exactly is and how to solve it. > > Is it possible for anyone to tell? > > > > I posted last week about one issue I discovered. > If the issue is known about, and all default usernames/passwords > are cleaned up properly, then I really isn't any way a user > could get the access. > > The issue I discovered can be read in detail at: > http://sourceforge.net/tracker/index.php?func=detail&aid=48167 > 8&group_id=5706&atid=205706 > > The issue of the demo site password being changed, was that the > default usernames with default privileges were installed and > unchanged. > so anyone familiar with phphelpdesk would be able to guess it, and > comprise the phphelpdesk demo. That's the extent of it really. > > All and all the software is sound. > > To follow the information posted on the url above, click on > the "Browse" > link near the top of the page, that will bring you to the index of > posts for phphelpdesk. > > I hope this helps. > > > -k > Is there a solution, apart from deleting from the database directly by 'mysql'? And if not, if I delete from the table security, with the following, is there anything else left behind? mysql> delete from security where s_user='testuser'; Regards, Pim |
