Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: Timothée Bastin on February 19, 2003, 03:50:41 PM

Title: phpinfo in IMP (horde)
Post by: Timothée Bastin on February 19, 2003, 03:50:41 PM: Hi all,

Dutch people please read this: http://www.minddigger.com/phpinfohorde.php

I'll explain the issue for others (non-dutch people :)):

Bas Konings send me a report about a potential security risk. We do not need to exaggerate the issue, but it is recommended to change the rights/permissions on the following file:

/home/httpd/html/horde/test.php

This file gives information about the horde and PHP settings on your system and is readable by everyone by default. I/we think this should be avoided because no one wants to publish this sort information to potentially malicious people :)

I already mailed this to smesecurity@mitel.com

Regards,

Timothée Bastin

SMF 2.0.19 | SMF © 2021, Simple Machines
Privacy Policy | Terms and Policies