Sorry for taking so long to respond to this. I've confirmed what
you've written, and I've added a patch to the upcoming QmailAdmin
1.2.12 that checks for this. Thanks for reporting the problem.
-Tom
On Aug 1, 2006, at 7:14 PM, [EMAIL PROTECTED] wrote:
hi
we found serious bug of qmailadmin.
what will happen is all the directory will destroy.
the case was...
1. make mailinglist address with qmailadmin
=================================================
10.10.10.30 - - [02/Aug/2006:10:28:15 +0900] "GET /cgi-bin/
qmailadmin/com/addmailinglist?
user=postmaster&dom=sample.co.jp&time=1154482055&dt=0 HTTP/1.1" 200
7998 "http://sample.co.jp/cgi-bin/qmailadmin/com/showmailinglists?
user=postmaster&dom=sample.co.jp&time=1154482055&" "Mozillla/4.0
(compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"
10.10.10.30 - - [02/Aug/2006:10:28:27 +0900] "POST /cgi-bin/
qmailadmin/com/addmailinglistnow?
user=postmaster&dom=sample.co.jp&time=1154482055& HTTP/1.1" 200
5325 "http://sample.co.jp/cgi-bin/qmailadmin/com/addmailinglist?
user=postmaster&dom=sample.co.jp&time=1154482055&dt=0" "Mozillla/
4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"
2. then delete mailinglist address.
=================================================
10.10.10.30 - - [02/Aug/2006:10:29:06 +0900] "GET /cgi-bin/
qmailadmin/com/delmailinglist?
user=postmaster&dom=sample.co.jp&time=1154482055&modu=test HTTP/
1.1" 200 2439 "http://sample.co.jp/cgi-bin/qmailadmin/com/
addmailinglistnow?
user=postmaster&dom=sample.co.jp&time=1154482055&" "Mozillla/4.0
(compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"
10.10.10.30 - - [02/Aug/2006:10:29:11 +0900] "POST /cgi-bin/
qmailadmin/com/delmailinglistnow?
user=postmaster&dom=sample.co.jp&time=1154482055& HTTP/1.1" 200
4490 "http://sample.co.jp/cgi-bin/qmailadmin/com/delmailinglist?
user=postmaster&dom=sample.co.jp&time=1154482055&modu=test"
"Mozillla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR
1.1.4322)"
3. after that u will got the address like this on the address bar on
your browser.
=================================================
http://sample.co.jp/cgi-bin/qmailadmin/com/delmailinglistnow?
user=postmaster&dom=sample.co.jp&time=1154482055&
4.k! now the main point. ENTER the URL.
=================================================
10.10.10.30 - - [02/Aug/2006:10:29:45 +0900] "GET /cgi-bin/
qmailadmin/com/delmailinglistnow?
user=postmaster&dom=sample.co.jp&time=1154482055& HTTP/1.1" 200
8058 "-" "Mozillla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;
SV1; .NET CLR 1.1.4322)"
5. and look under then domain directory.
ALL DIRECTORY HAS BEEN DELETED...vpasswd and etc,, everything gone...
please confirm this.
!DSPAM:472cb7dd32001535157856!
