Hi,
just for fun I tried to log on as root (which should IMHO of course not be possible). The webserver (FreeBSD, apache2.0.59, PHP5.2.3, roundcube0.1.20070608) goes up to 100% for 2 minutes like a DoS.
[Wed Aug 08 10:50:07 2007] [error] [client 192.168.0.1] PHP Fatal error: Maximum execution time of 120 seconds exceeded in /var/www/roundcube/program/lib/imap.inc on line 134, referer: https://webmail/
[Wed Aug 08 10:50:07 2007] [error] [client 192.168.0.1] ALERT - canary mismatch on erealloc() - heap overflow detected (attacker '192.168.0.2', file '/var/www/roundcube/program/lib/DB/common.php', line 427), referer: https://webmail/
What's wrong here?
Thanks, Helmut
List info: http://lists.roundcube.net/users/