
Thread: 7-1-09 security patch

  1. #11
    Join Date
    Aug 2007
    Location
    Chicago Area, USA
    Posts
    189
    Rep Power
    8

    I was just thinking the same thing. I logged onto my support account with Zimbra expecting to see something in there, but didn't. I started wondering the same thing, wondering if I really wanted to apply that code to my server.

    Zimbra, is this for real?
    Release 6.0.2_GA_1912.UBUNTU8_64 UBUNTU8_64 NETWORK edition + Mobile Option
    Activesync with Moto Q9C, HTC Touch Pro, Palm Pro, & Palm Pre

  2. #12
    Join Date
    Aug 2007
    Location
    Chicago Area, USA
    Posts
    189
    Rep Power
    8

    OK, that's what I was thinking as well. I figured you might not want to make it public. It's just alarms started ringing when none of the URLs went back to Zimbra. Just being cautious. Thanks!
    Release 6.0.2_GA_1912.UBUNTU8_64 UBUNTU8_64 NETWORK edition + Mobile Option
    Activesync with Moto Q9C, HTC Touch Pro, Palm Pro, & Palm Pre

  3. #13
    Join Date
    Nov 2008
    Location
    Ann Arbor, MI
    Posts
    46
    Rep Power
    6

    7-1-09 security patch

    In case anybody was waiting for some reports on this, we've applied it to our systems successfully- 5.0.16 on RHEL5-64.

    Thanks to all involved for getting the word out and making the patch easy to apply!

  4. #14
    Join Date
    Jul 2006
    Location
    Australia, ACT
    Posts
    197
    Rep Power
    9

    Zimbra Security Vulnerability Report 2nd July

    I received a Zimbra Security Vulnerability Report email today. Is this a hoax or for real? There is no mention of it in the forum announcements.

    If real, will this precipitate a new Zimbra release? I really hate 'patching' a system.

    Thanks!

    http://agilemail.com.au

    Your Australian Zimbra experts
    Sales, consulting, installation, support

  5. #15
    Join Date
    Apr 2006
    Location
    Illinois
    Posts
    194
    Rep Power
    9

    Information about the vulnerability can be found in the support portal, so I would say it's safe to say it's real.

  6. #16
    Join Date
    May 2006
    Location
    USA
    Posts
    6,242
    Rep Power
    21

    Valid & available in the portal https://support.zimbra.com

    We apologize for the link URLs in the notice emails being obscured through loopfuse / not pointing directly to files.zimbra or h.yimg and causing concerns over its legitimacy.
    Last edited by mmorse; 07-02-2009 at 02:40 PM.

  7. #17
    Join Date
    Jun 2008
    Posts
    48
    Rep Power
    7

    social engineering

    We use ZCS Network Pro. We received a security notice last night from Zimbra advising us to install a patch. I verified the md5 checksum provided in the e-mail. However, the link to the update was directed to the server "loopfuse.net". After inspecting the headers, I saw the e-mail came from this domain as well. Only after looking further in the message source did I notice that the text version of the same e-mail actually provides direct links to the same patch hosted on "zimbra.com".

    If Zimbra expects administrators to replace important system files linked to through a third party in an e-mail, doesn't that leave them vulnerable to social engineering? If I had a copy of that same file except one that creates vulnerabilities instead of fixing them, I can send a similar e-mail to Zimbra admins using a domain which sounds like it could be a marketing partner, tricking them into making their system wide open for attack.
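
Added example, not part of any post in this thread: a small Python audit of a vendor notice that lists the sender domain and every link host, per MIME part, that falls outside the domains the administrator expects. The `TRUSTED` list, the function names and the sample message (including its `EXAMPLE` paths) are constructed for illustration.

```python
import email
import re
from email.utils import parseaddr
from urllib.parse import urlsplit

TRUSTED = ("zimbra.com",)  # assumption: the vendor domain the admin expects
# Constructed sample notice: the HTML part links through a third party while
# the text part links to the vendor directly, as post #17 describes.
SAMPLE = """\
From: Vendor Security <notice@loopfuse.net>
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain

Download: http://zimbra.com/EXAMPLE/patch.tgz
--b1
Content-Type: text/html

<a href="http://loopfuse.net/EXAMPLE/redirect?id=1">Download the patch</a>
--b1--
"""

def is_trusted(host, trusted=TRUSTED):
    # Exact match or true subdomain, so "evil-zimbra.com" does not pass.
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in trusted)

def audit_notice(raw, trusted=TRUSTED):
    """Return sorted (where, host) pairs outside the trusted domains."""
    msg = email.message_from_string(raw)
    findings = set()
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if not is_trusted(sender_host, trusted):
        findings.add(("From", sender_host))
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue  # skip the multipart container and attachments
        body = part.get_payload(decode=True).decode("utf-8", "replace")
        for url in re.findall(r"https?://[^\s\"'<>]+", body):
            try:
                # urlsplit drops any "user@" prefix, so a URL such as
                # http://zimbra.com@other.example resolves to other.example.
                host = urlsplit(url).hostname or ""
            except ValueError:
                host = url  # unparsable URL: report it as-is
            if not is_trusted(host, trusted):
                findings.add((part.get_content_type(), host))
    return sorted(findings)
```

A checksum quoted in the same message only shows that the download was not corrupted in transit; to authenticate the file, compare it against a digest obtained from a separate channel such as the support portal.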

  8. #18
    Join Date
    Dec 2006
    Posts
    18
    Rep Power
    8

    Mailboxd security vulnerability?

    Last night I received an email from Zimbra about a security vulnerability in the mailbox server with a link to download a patch. I was going to apply the patch, but it doesn't download from the Zimbra site, which made me a bit concerned. I haven't seen anything about this in the forums, or the Zimbra site. Is there any more information about this?

    Does it just affect NE or the FOSS version as well? If it affects both, is there a FOSS patch somewhere?

  9. #19
    Join Date
    Jun 2007
    Location
    Chicago
    Posts
    19
    Rep Power
    8

    Security scam?

    A few minutes ago there was a posting titled "Mailboxd security vulnerability?"; that post is now gone. What's up with that? I have attached a picture of that post.

    I did not receive this message but one of my end users did and has sent it to me. I have looked at the headers on the message and it looks like it was sent from loopfuse.net. Is this a scam? The message looks good but the source is questionable and the download links are also pointed at loopfuse.

    Picture 8.jpg

  10. #20
    phoenix, Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    This post has been moderated until a formal forum announcement is made about this issue.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.
