ispCP Omega 1.0.5 Security Announcement
Posted on: 07/25/2010 04:46 PM

A security patch has been released for ispCP Omega 1.0.5

ispCP Omega 1.0.5 Security Announcement


Dear ispCP Users ;

Today, a new security hole was discovered in ispCP stable release.

This security hole allows your customers to connect to the database (pma) from other customers by passing arbitrary identifiers in the URL via the client/sql_auth.php script.

For better information, and to learn how to fix this security hole, you can read the following ticket:

http://isp-control.net/ispcp/ticket/2410

Note: This security hole also affect all prior versions of ispCP Omega that implement the client/sql_auth.php script.



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/ispcp_omega_105_security_announcement.html)