[Vtigercrm-developers] vTiger mulitple vulnerabilities
Gopal
gopals at vtiger.com
Mon Sep 4 21:38:14 PDT 2006
Dear Team,
Ivan Markovic of www.security-net.biz has identified "moderate risk" security issues in 4.2.x version.
For more details please refer to:
http://www.frsirt.com/english/advisories/2006/3444
Philip has started analyzing the issues and will keep you update the status. In the meantime if you have any solutions please let us share.
Regards,
Gopal
---
S.S.G.Gopal
skype: sripadag
ph: +1 877 788 4437
blog: http://gopal.vtiger.com
---- On Fri, 01 Sep 2006 Tim Smith <smith.timsmith at gmail.com> wrote ----
There are two options:
1. Fix the security flaws
2. Notify the user that their system has the security flaw during install
#2 is only valid if you can detect that all the required security settings are enabled. I guess you could make a request to read the log and notify the user if you were able to. This check could also be done at login time when the administrator logs in.
Personally, I'd rather see the security flaws fixed.
Tim
_______________________________________________
Get started with creating presentations online - http://zohoshow.com?vt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20060904/970d946b/attachment-0004.html
More information about the vtigercrm-developers
mailing list