Hi,
just for fun I tried to logon as root (which should IMHO of course not be
possible). The webserver (FreeBSD, apache2.0.59, PHP5.2.3,
roundcube0.1.20070608) goes up to 100% for 2 minutes like a DoS.
[Wed Aug 08 10:50:07 2007] [error] [client 192.168.0.1] PHP Fatal error:
Maximum execution time of 120 seconds exceeded in
/var/www/roundcube/program/lib/imap.inc on line 134, referer:
https://webmail/
[Wed Aug 08 10:50:07 2007] [error] [client 192.168.0.1] ALERT - canary
mismatch on erealloc() - heap overflow detected (attacker '192.168.0.2',
file '/var/www/roundcube/program/lib/DB/common.php', line 427), referer:
https://webmail/
What's wrong here?
Thanks, Helmut
_______________________________________________
List info: http://lists.roundcube.net/users/
