9 Sep
2011
9 Sep
'11
8:51 p.m.
A user could access any page if they knew the URL without
authenticating. Users are now redirected to the login page if they try
to access another page without being logged in.
This patch requires that the User roles, PUA and RLS patches be applied
first
James
12 Sep
12 Sep
6:45 p.m.
Indeed. Siremis authentication can be bypassed.
It would be nice if that patch would be applied soon.
Thanks
Klaus
Am 09.09.2011 18:51, schrieb James Wyatt:
A user could access any page if they knew the URL
without
authenticating. Users are now redirected to the login page if they try
to access another page without being logged in.
This patch requires that the User roles, PUA and RLS patches be applied
first
James
_______________________________________________
sr-dev mailing list
sr-dev(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
6:46 p.m.
shouldn't we call it a security fix?
Am 09.09.2011 18:51, schrieb James Wyatt:
A user could access any page if they knew the URL
without
authenticating. Users are now redirected to the login page if they try
to access another page without being logged in.
This patch requires that the User roles, PUA and RLS patches be applied
first
James
_______________________________________________
sr-dev mailing list
sr-dev(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
4808
days inactive
4811
days old
3 comments
3 participants
participants (3)
-
Henning Westerholt -
James Wyatt -
Klaus Darilion