Dear all,
as announced before, all LAM versions before 8.0 contain a critical
remote execution vulnerability. Attackers can run arbitrary code without
the need of a valid login.
The security researchers who found the issue will publish details on the
exploitation next week. Please urgently upgrade your instances to at
least 8.0 (better 8.0.1 as it fixes some bugs) until July 3rd.
After this date LAM instances that are available to the public internet
are highly at risk to be exploited.
Best regards
Roland
LDAP Account Manager
https://www.ldap-account-manager.org/
_______________________________________________
Lam-public mailing list
Lam-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lam-public
