-
-
Notifications
You must be signed in to change notification settings - Fork 213
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Critical] Security Hole #17
Comments
DaneEveritt
added a commit
that referenced
this issue
Dec 6, 2013
DaneEveritt
added a commit
that referenced
this issue
Dec 6, 2013
DaneEveritt
added a commit
that referenced
this issue
Dec 6, 2013
DaneEveritt
added a commit
that referenced
this issue
Dec 6, 2013
This issue has been patched at the time of writing. We will continue to evaluate code to ensure it remains safe. |
This security hole was found to be a non-issue upon further review. All FTP accounts are given unique names and used to identify servers. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It has come to my attention that there is a critical security hole in the software. If you are currently running this installation on a server that people are able to access please disable it.
This bug occurs if two servers on the same node have the same name. The bug would allow for users to access data for the other server via the console and power options. This bug will be patched shortly. Until then you should disable the software or ensure that all servers have a unique name.
The text was updated successfully, but these errors were encountered: