1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice

Vulnerability in Plesk 7.5.*

Discussion in 'Plesk for Linux - 8.x and Older' started by BoXie, Sep 30, 2005.

  1. BoXie

    BoXie Guest

    0
     
    Hi ..

    Probably known already .. but definitely NOT SAFE.

    Issue:
    --------
    It is possible for admins / clients and domain owners to create a mailname with a mailbox WITHOUT a password.

    When ignorant users do this .. spammers can take advantage of this to login to the SMTP service and use the server to spam. More worst case scenarios can be possible also i guess.

    So please fix this asap ! But the option to make mailnames without a password and without a mailbox WOULD BE pretty handy i guess (for redirects).
     
Loading...