![]() |
|
|
|||||||
For more information about the ads and why they're here, please see the FAQ
![]() |
|
|
LinkBack | Thread Tools | Display Modes |
|
#1
|
|||
|
|||
|
This is my first post. I'm using roundcube 0.1.1 on a debian sarge server: - apache 1.3.33-6sarge3 - php4 4.3.10-22 I have this strange behaviour: I can login using a wrong password if the wrong password begins with the right password. example: right password: pippo entering pippoxx I can login. why? Thanks in advance, Fabio |
|
#2
|
|||
|
|||
|
Same problem here.
OS: Debian etch ii libsasl2 2.1.22.dfsg1-8 Authentication abstraction library ii libsasl2-2 2.1.22.dfsg1-8 Authentication abstraction library ii apache2 2.2.3-4+etch6 ii php5-imap 5.2.0-8+etch13 I've install about of 6 isp config with roundcube and all have the same problem. For example if the password is 12345678 and I put 123456789 or 1234567 (yes, with 1 missin carcter) the webmails login ok.. It's a serius bug, with other webmails like talent this problem down not happen Is there any feedback.. I hope so because I really like this webmail but I habe to use talent for every ispconfig installation. Thanks!
Last edited by sk8federico; 07-03-2009 at 11:35 PM. Reason: (forgot to put pakkages installed on server) |
|
#3
|
|||
|
|||
|
I'm not sure if this is an RC bug or not, there is an old ticket about a similar issue here #1484100 (IMAP login accepted even if the password is not absolutely correct) ? RoundCube Webmail. RC does not do any authentication its self, it just sends the credentials to the mail server and checks the response.
__________________
RoundCube Patches & Plugins: Managesieve, SpamAssassin Prefs, and more… |
![]() |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| Display Modes | |
|
|