Search found 2213 matches

by Klug
Wed Apr 11, 2018 10:52 am
Forum: Administrators
Topic: serious open relay problem with zimbra
Replies: 4
Views: 1195

Re: serious open relay problem with zimbra

Hello. It's not a problem with Zimbra at all. Take a closed look at the spams (the headers) and you'll see they are not coming from your server but from the internet, with a "fake" sender (sender = recipient). In the last weeks/months, I've seen more and more of these spams. Everybody is i...
by Klug
Tue Apr 03, 2018 11:26 am
Forum: Installation and Upgrade
Topic: CVE-2018-6882 Zimbra Collaboration Suite - Stored Cross-Site Scripting
Replies: 8
Views: 2137

Re: CVE-2018-6882 Zimbra Collaboration Suite - Stored Cross-Site Scripting

Patch will be delivered (with a few backported bugs).
No ETA yet.
by Klug
Fri Mar 30, 2018 5:19 am
Forum: Installation and Upgrade
Topic: CVE-2018-6882 Zimbra Collaboration Suite - Stored Cross-Site Scripting
Replies: 8
Views: 2137

Re: CVE-2018-6882 Zimbra Collaboration Suite - Stored Cross-Site Scripting

Last news from support: "It is unlikely that the vulnerability will be fixed in ZCS 8.6 given the version is reaching end of support soon" and "We are going to report this request to our development team. We will let you know about the status as we hear from the development team. &quo...
by Klug
Wed Mar 28, 2018 4:18 pm
Forum: Administrators
Topic: Question about functionality (product comparison FOSS vs NE)
Replies: 4
Views: 618

Re: Question about functionality (product comparison FOSS vs NE)

Actually, "AD auth" is a pre-configured "LDAP auth" (with the good filter).

Look here: viewtopic.php?t=61347
by Klug
Wed Mar 28, 2018 11:04 am
Forum: Installation and Upgrade
Topic: CVE-2018-6882 Zimbra Collaboration Suite - Stored Cross-Site Scripting
Replies: 8
Views: 2137

Re: CVE-2018-6882 Zimbra Collaboration Suite - Stored Cross-Site Scripting

Vulnerability has been confirmed by support. Initial answer: "This vulnerability is fixed in ZCS 8.7.11 patch 1, 8.8.7 and 8.8.8 versions. ZCS 8.6.x is reaching end of support (...). Hence, we recommend you to upgrade the server as early as possible to a later release where the vulnerability ha...
by Klug
Wed Mar 28, 2018 8:12 am
Forum: Installation and Upgrade
Topic: CVE-2018-6882 Zimbra Collaboration Suite - Stored Cross-Site Scripting
Replies: 8
Views: 2137

Re: CVE-2018-6882 Zimbra Collaboration Suite - Stored Cross-Site Scripting

As the bug is (once again) private (even when logged in bugzilla), I created a support case.
by Klug
Mon Mar 26, 2018 1:33 pm
Forum: Installation and Upgrade
Topic: CVE-2018-6882 Zimbra Collaboration Suite - Stored Cross-Site Scripting
Replies: 8
Views: 2137

CVE-2018-6882 Zimbra Collaboration Suite - Stored Cross-Site Scripting

Hello all. Another one... It's from last january, went in the bugtraq mailing-list today. About the issue (quoting the author): This issue was successfully tested on ZCS 8.7.11_GA_1854 (build 20170531151956). It is however likely that this issue is present in all versions of ZCS from version 8.5.0 o...

Go to advanced search