[horde] Security hole?
myhorde@nbiss.com
myhorde at nbiss.com
Wed May 3 08:33:34 PDT 2006
This is from my Apache log file. Request was placed by the outside
user.
/horde/services/download/?module=imp&thismailbox=INBOX&index=24&mailbox=INBOX&actionID=download_attach&id=1.2&mimecache=2b0fe832996f2aaa63be59ce45f51c15&fn=%2Funnamed
The response code was - 200.
Thanks
Quoting Jan Schneider <jan at horde.org>:
> Zitat von Mark M <myhorde at nbiss.com>:
>
>> What happens if horde/services/download is called directly?
>> Does 3.1.1 take care of it?
>
> Huh?
>
> Jan.
>
> --
> Do you need professional PHP or Horde consulting?
> http://horde.org/consulting/
>
> --
> Horde mailing list - Join the hunt: http://horde.org/bounties/#horde
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
>
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
More information about the horde
mailing list