1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Vulnerability in Plesk 7.5.*

Discussion in 'Plesk for Linux - 8.x and Older' started by BoXie, Sep 30, 2005.

  1. BoXie

    BoXie Guest

    Hi ..

    Probably known already .. but definitely NOT SAFE.

    It is possible for admins / clients and domain owners to create a mailname with a mailbox WITHOUT a password.

    When ignorant users do this .. spammers can take advantage of this to login to the SMTP service and use the server to spam. More worst case scenarios can be possible also i guess.

    So please fix this asap ! But the option to make mailnames without a password and without a mailbox WOULD BE pretty handy i guess (for redirects).