View Single Post
  #2  
Old 6th March 2013, 16:20
vaio1 vaio1 is offline
Senior Member
 
Join Date: Jul 2007
Location: Italy
Posts: 664
Thanks: 77
Thanked 12 Times in 7 Posts
Default

Hi Guys,

I have found a bug in ISPConfig.
Updating ISPConfig to the last version of the software I have noticed that the database users have the password hidden with the MD5 method.

The problem are the old users who have a clear password!

The upgrade doesn't update the clear passwords to the MD5 password.

Another bug is the check of the Remote Access Control. ISPConfig doesn't update the preferences set in the administration control panel.

I cannot share the user database credencials but I can tell you that some of these credencials in the web_database_user have not a password encrypted.

Please this is really important to solve.

thanks
Reply With Quote