Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email
?
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
Home
Help
Search
Login
Register
Roundcube Community Forum
»
Miscellaneous
»
Roundcube Discussion
»
Roundcube Vulnerability scanned by RIPS and CVE
« previous
next »
Print
Pages: [
1
]
Author
Topic: Roundcube Vulnerability scanned by RIPS and CVE (Read 4571 times)
winstonhong
Newbie
Posts: 2
Roundcube Vulnerability scanned by RIPS and CVE
«
on:
June 30, 2015, 04:20:24 PM »
Hello Roundcube team.
Thank you very much for your wonderful product.
When I investigate the vulnerability of web applications, I found the potential PHP vulnerability of Roundcube.
Would you please try the following 3 approaches to test the vulnerability of Roundcube? Thanks.
(1) Security Vulnerability of Roundcube reported by CVE
http://www.cvedetails.com/vulnerability-list/vendor_id-8905/Roundcube.html
(2) Scan Roundcube source code using RIPS
http://rips-scanner.sourceforge.net/
(3) Scan Roundcube source code using PHP-Vulnerability-test-suite
https://github.com/stivalet/PHP-Vulnerability-test-suite
In the mean time, we will try to scan Roundcube webmail server using the following general approaches. We will report our result to you.
http://resources.infosecinstitute.com/14-popular-web-application-vulnerability-scanners/
Thank you for your attention.
Best regards,
Winston Hong
«
Last Edit: July 01, 2015, 03:16:18 PM by winstonhong
»
Logged
SKaero
Administrator
Hero Member
Posts: 5,882
Re: Roundcube Vulnerability scanned by RIPS and CVE
«
Reply #1 on:
June 30, 2015, 06:24:04 PM »
All known vulnerability in Roundcube have been patched, make sure your testing the latest Roundcube version. If you do find any new vulnerability in the current version of Roundcube please report them.
Logged
SK
aero
Print
Pages: [
1
]
« previous
next »
Roundcube Community Forum
»
Miscellaneous
»
Roundcube Discussion
»
Roundcube Vulnerability scanned by RIPS and CVE