9 Jan
2009
9 Jan
'09
7:35 a.m.
There have been reports regarding botnet scans for msgimport.sh The file should be investigated for security breaches.
the preg_replace at get_opt seems fishy but I was not able to inject commands to it.
http://stateofsecurity.com/?p=550 http://isc.sans.org/diary.html?storyid=5599&rss http://www.linode.com/forums/archive/o_t/t_3796/roundcube_webmail_scanning.h... http://zastita.com/015038/roundcube-webmail-.html _______________________________________________ List info: http://lists.roundcube.net/dev/