High security hole in NullLogic Groupware

[Tim Brown <timb () nth-dimension org uk>]

Hi,

I've identified a couple of security flaws affecting the NullLogic Groupware  
which may allow compromise of accounts, denial of service or even remote code 
execution.  These issues were reported by email to the developer but no 
response was forthcoming.
 
Tim
-- 
Tim Brown
<mailto:timb () nth-dimension org uk>
<http://www.nth-dimension.org.uk/>

Attachment: NDSA20090413.txt.asc
Description:

Attachment: signature.asc
Description: This is a digitally signed message part.