Home > Directadmin Tricks > Roundcube Bug Found in Directadmin: How to Fix

Roundcube Bug Found in Directadmin: How to Fix

January 4th, 2009 Leave a comment Go to comments

An urgent message came from my hosting service provider. They’re telling me that a vulnerability has been found in Directadmin, and it is related to Roundcube. Since there is no patch available yet, they recommend to do the following to prevent your server going down:

# cd /var/www/html
# rm -rf roundcubemail-* roundcube
# mkdir roundcube
# echo ‘<H2>RoundCube has been disabled for security reasons, see CVE-2008-5619.</H2><BR /><H3>It will return as soon as a patched version get released, thanks for your patience.</H3>’ >roundcube/index.html
# chown -R webapps:webapps roundcube

This will make your DA configuration more secure. The reference number is: CVE-2008-5619



Categories: Directadmin Tricks Tags: , , , , , , , ,
  1. No comments yet.
  1. No trackbacks yet.