User contributions for Plobbes
9 May 2018
- 23:3023:30, 9 May 2018 diff hist +30 Zimbra Releases/8.8.8 security: update CVSS scores and ratings
- 23:2523:25, 9 May 2018 diff hist +92 Zimbra Releases/8.6.0/P10 security: update CVSS scores and ratings
- 23:1523:15, 9 May 2018 diff hist 0 m Zimbra Releases/8.7.11/P3 No edit summary
17 April 2018
- 02:3802:38, 17 April 2018 diff hist +48 m Zimbra Security Center Acknowledgements No edit summary
14 April 2018
- 05:2205:22, 14 April 2018 diff hist +2,643 Security Center mention 8.7.11 Patch 1, 8.7.11 Patch 2 and 8.8.8 Patch 1
- 05:0705:07, 14 April 2018 diff hist +98 m Zimbra Security Advisories No edit summary
- 05:0305:03, 14 April 2018 diff hist +19 m Zimbra Security Advisories cleanup and clarification
- 04:4804:48, 14 April 2018 diff hist +353 Zimbra Security Advisories added bug 97579 / CVE-2015-7610; reported by Fortinet's FortiGuard Labs; fixed in 8.7.11 Patch 2,8.8.8 Patch 1
31 March 2018
- 04:3204:32, 31 March 2018 diff hist +55 Zimbra Security Center Acknowledgements added Abdurrahman Nazim
26 March 2018
- 21:0021:00, 26 March 2018 diff hist +82 Zimbra Security Center Acknowledgements - acknowledge Ashish Kunwar
21 March 2018
- 14:2814:28, 21 March 2018 diff hist +275 Security/Collab/88 - added mention of settings to avoid mailsploit
8 March 2018
- 21:4521:45, 8 March 2018 diff hist +1,431 Security Center add note on release of 8.8.7
- 21:3721:37, 8 March 2018 diff hist +310 Security Center - update mailsploit paragraphs to mention the release of 8.8.7 which provides fixes for the issues
12 February 2018
- 22:3322:33, 12 February 2018 diff hist 0 Zimbra Security Advisories bug 108265 CVSSv2 scoring should be 4.3
10 February 2018
- 16:4716:47, 10 February 2018 diff hist +13 Zimbra Security Advisories →Zimbra Collaboration - Security Vulnerability Advisories: added CVE-ID for bug 108786
9 February 2018
- 22:1422:14, 9 February 2018 diff hist +1,515 Security Center add note on ZCS 8.6.0 Patch9
- 22:1122:11, 9 February 2018 diff hist +10 m Zimbra Releases/8.6.0/P9 No edit summary
- 21:1921:19, 9 February 2018 diff hist +142 Zimbra Security Center Acknowledgements added 2018 and welcome back Stephan Kaag for the new year
- 21:1321:13, 9 February 2018 diff hist +346 Zimbra Security Advisories →Zimbra Collaboration - Security Vulnerability Advisories: add XSS bug 108786 - Stephan Kaag of Securify
8 February 2018
- 21:4021:40, 8 February 2018 diff hist +51 m Security/Collab add link for 8.8
- 21:3821:38, 8 February 2018 diff hist +2,479 N Security/Collab/88 Created page with "{{BC|Certified}} __FORCETOC__ <div class="col-md-12 ibox-content"> = Security Settings for Zimbra Collaboration 8.8 series = {{KB|{{ZC}}|{{ZCS 8.8}}||}} {{WIP}} == Important:..."
20 December 2017
- 20:5920:59, 20 December 2017 diff hist +84 m Security Center more details about CVE-2013-7217 / Bug 84547
- 19:1919:19, 20 December 2017 diff hist +61 m Zimbra Security Advisories minor clarification for CVE-2016-9924
- 18:5118:51, 20 December 2017 diff hist −277 m Security Center provide generic vuln details for bug 84547
18 December 2017
- 16:1016:10, 18 December 2017 diff hist +185 Zimbra Releases/8.8 added links for security bugs; removed a few dup security bugs; updated some CVE info
- 15:3915:39, 18 December 2017 diff hist +86 m Zimbra Releases/8.8 added note that ZCS 8.8 GA is ZCS 8.8.5
- 15:1115:11, 18 December 2017 diff hist +86 Zimbra Security Center Acknowledgements added Veit Hailperin for bug 108265
- 15:0615:06, 18 December 2017 diff hist +344 Zimbra Security Advisories Add Bug 108265 - Persistent XSS - Veit Hailperin
11 December 2017
- 16:3416:34, 11 December 2017 diff hist +1,554 Security Center added note on mailsploit / bug 108709
6 December 2017
- 13:5813:58, 6 December 2017 diff hist −158 m Zimbra Releases/8.8 No edit summary
15 November 2017
- 03:1603:16, 15 November 2017 diff hist +151 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements: added Girish Bhamare and Zhouyuan Yang
11 October 2017
- 16:2616:26, 11 October 2017 diff hist +81 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements: Added Eusebiu Blindu
11 September 2017
- 16:0416:04, 11 September 2017 diff hist −6 m Ports minor formatting cleanup
31 August 2017
- 20:5020:50, 31 August 2017 diff hist +741 Zimbra Security Advisories add 107948 107949 and 107963
- 20:0020:00, 31 August 2017 diff hist +360 Zimbra Security Advisories add 107925 CVE-2017-8802
- 19:5019:50, 31 August 2017 diff hist −59 m Zimbra Security Center Acknowledgements No edit summary
- 19:4119:41, 31 August 2017 diff hist +173 Zimbra Security Center Acknowledgements add 107925 Damian Pfammatter and Alessandro Zala from Compass Security
- 19:3819:38, 31 August 2017 diff hist +193 Zimbra Releases/8.8 Beta3 add 107925 current
- 19:3219:32, 31 August 2017 diff hist +189 Zimbra Releases/8.8 Beta3 add 107949
- 19:2319:23, 31 August 2017 diff hist +196 Zimbra Releases/8.8 Beta3 add 107948
- 19:1819:18, 31 August 2017 diff hist +81 Zimbra Security Center Acknowledgements 8.8.0 beta2 / 107948 add Lucideus
- 19:0019:00, 31 August 2017 diff hist +369 Zimbra Releases/8.8 Beta3 add fix: Bug 107996 - Host header injection [CWE-20]
25 August 2017
- 20:1220:12, 25 August 2017 diff hist +233 Security Center add fix: Bug 107885 - Persistent XSS - description [CWE-79]
- 20:0920:09, 25 August 2017 diff hist +176 Zimbra Releases/8.7.10 add fix: Bug 107885 - Persistent XSS - description [CWE-79]
24 May 2017
- 20:0320:03, 24 May 2017 diff hist +1,143 Security Center added note on CVE-2017-8783 fixed in 8.7.10
- 19:5519:55, 24 May 2017 diff hist +141 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements: added Stephan Kaag for 8.7.10 bug 107878 XSS
- 19:5019:50, 24 May 2017 diff hist +364 Zimbra Security Advisories Add details for CVE-2017-8783 (bug 107878) Persistent XSS [CWE-79] fixed in 8.7.10
- 19:3019:30, 24 May 2017 diff hist +190 Zimbra Releases/8.7.10 Moved security fixes to their own section
19 May 2017
- 13:3813:38, 19 May 2017 diff hist +63 m Zimbra Security Advisories add link for CVE-2016-3403
11 May 2017
- 19:5319:53, 11 May 2017 diff hist −19 m Zimbra Releases/8.6 Patch 8 Note: CVE-2015-6542 is being marked as a reservation duplicate of CVE-2016-3403 by Mitre.
- 19:5119:51, 11 May 2017 diff hist −21 m Zimbra Security Advisories Note: CVE-2015-6542 is being marked as a reservation duplicate of CVE-2016-3403 by Mitre.
4 May 2017
- 19:2519:25, 4 May 2017 diff hist +63 m Zimbra Security Advisories No edit summary
30 March 2017
- 21:1021:10, 30 March 2017 diff hist 0 m Zimbra Security Advisories No edit summary
- 21:0621:06, 30 March 2017 diff hist +1,550 Security Center added note on CVE-2017-6813 and CVE-2017-6821 fixed in 8.7.6
- 20:5120:51, 30 March 2017 diff hist +728 Zimbra Security Advisories →Zimbra Collaboration - Security Vulnerability Advisories: added CVE-2017-6813 and CVE-2017-6821 fixed in 8.7.6
28 March 2017
- 14:5714:57, 28 March 2017 diff hist +34 Zimbra Releases/8.7.1 Add details for CVE-2017-7288 Persistent XSS [CWE-79] in Security Fixes
- 14:5314:53, 28 March 2017 diff hist +12 Zimbra Security Advisories →Zimbra Collaboration - Security Vulnerability Advisories
27 March 2017
- 21:0521:05, 27 March 2017 diff hist +97 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements: added Sammy Forgit for 8.7.1 bug 106612 XSS
- 21:0421:04, 27 March 2017 diff hist +326 Zimbra Security Advisories →Zimbra Collaboration - Security Vulnerability Advisories: 8.7.1 add 106612 - Sammy Forgit
1 March 2017
- 20:3820:38, 1 March 2017 diff hist +1,288 Security Center added note on limited XXE in ZCS < 8.7.4 (CVE-2016-9924)
- 20:2420:24, 1 March 2017 diff hist +330 Zimbra Security Advisories added bug 106811 - XXE CWE-611 fixed in 8.7.4 - credit to Alastair Gray
1 February 2017
- 04:2904:29, 1 February 2017 diff hist −10 Zimbra Security Advisories add/show CWE-674 description for bug 102029 →Zimbra Collaboration - Security Vulnerability Advisories
- 04:2304:23, 1 February 2017 diff hist −10 Zimbra Security Advisories Added CSRF [CWE-502] description for 8.6.0 Patch8 fixes →Zimbra Collaboration - Security Vulnerability Advisories
- 04:0404:04, 1 February 2017 diff hist +80 Zimbra Security Advisories 8.6.0 Patch8 updates →Zimbra Collaboration - Security Vulnerability Advisories
30 January 2017
- 20:5320:53, 30 January 2017 diff hist +530 Security/Collab Added a brief explanation on JSESSIONID sometimes appearing in a URL
25 January 2017
- 22:0322:03, 25 January 2017 diff hist +886 Sudoers updates for 8.5 current
- 21:4921:49, 25 January 2017 diff hist +12 m Security/Collab No edit summary
- 21:4621:46, 25 January 2017 diff hist +1,054 Security/Collab added - explain the relationship between the '''UNIX user/group''' '''zimbra''' and '''root'''
18 January 2017
- 22:1322:13, 18 January 2017 diff hist +494 Security/Collab added note on Cookies JSESSIONID and ZM_AUTH_TOKEN / bug 91298
12 January 2017
- 02:0202:02, 12 January 2017 diff hist +1,591 Security Center add note on CVE-2016-3403 (bug 100899 / bug 100885) public disclosure
6 January 2017
- 18:2918:29, 6 January 2017 diff hist +88 m Zimbra Security Advisories Updates for bugs: added 100885, which is a dup of 100899 (CSRF in Admin console); Fix CVSS score 6.8 => 5.8; Covers CVE-2015-6542 as well as CVE-2016-3403
12 December 2016
- 16:0716:07, 12 December 2016 diff hist +33 m Zimbra Security Center Acknowledgements No edit summary
1 December 2016
- 22:0322:03, 1 December 2016 diff hist +54 Zimbra Security Center Acknowledgements added Mohit Rawat
- 21:3021:30, 1 December 2016 diff hist +79 Zimbra Security Center Acknowledgements added ANAS LAABAB
15 November 2016
- 20:5120:51, 15 November 2016 diff hist +48 m Zimbra Security Center Acknowledgements added LinkedIn link for Alastair Gray
- 19:2019:20, 15 November 2016 diff hist +49 Zimbra Security Center Acknowledgements No edit summary
7 September 2016
- 21:2221:22, 7 September 2016 diff hist −26 m Security Center Update text referencing the security center.
- 21:1721:17, 7 September 2016 diff hist −293 Reporting Security Issues Some content updates, but also refer more things over to the updated Security Center. current
- 20:5020:50, 7 September 2016 diff hist +54 m Reporting Vulnerabilities to Zimbra →3. Support Case: added a note about emailing support
1 September 2016
- 01:0501:05, 1 September 2016 diff hist +36 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements: add url for Akash Saxena
30 August 2016
- 03:4503:45, 30 August 2016 diff hist +56 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements: add Akash Saxena
15 July 2016
- 05:3305:33, 15 July 2016 diff hist −86 Zimbra Security Advisories add generic xss and csrf description in summary
9 July 2016
- 06:1406:14, 9 July 2016 diff hist +4,100 Zimbra Security Advisories link scores to nist calculator, other minor updates
8 July 2016
- 05:3005:30, 8 July 2016 diff hist +5,550 Zimbra Security Advisories Updates for ZCS 8.7.0 release and other whitespace cleanup along with a few CWE references
- 04:3404:34, 8 July 2016 diff hist +120 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements: added Nam Habach and Netragard
- 03:5303:53, 8 July 2016 diff hist +55 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements: add Peter Nguyen
23 June 2016
- 03:1903:19, 23 June 2016 diff hist +2,036 Security Center add note on ransomware targeting ZCS
17 June 2016
- 12:4312:43, 17 June 2016 diff hist +77 Zimbra Security Center Acknowledgements added Kevin Michael Joensen from secu.dk
14 June 2016
- 18:4118:41, 14 June 2016 diff hist +3,275 Security Center Workaround for CVE-2016-2107
20 May 2016
- 19:5919:59, 20 May 2016 diff hist +136 Security Center add a link to Security/Collab to make that content slightly more discoverable
2 May 2016
- 19:2919:29, 2 May 2016 diff hist +76 Zimbra Security Center Acknowledgements →Zimbra Security Center Acknowledgements
1 April 2016
- 01:3801:38, 1 April 2016 diff hist +9 SecureConfiguration →Undesirable Content: add docm and rar
25 March 2016
- 18:4218:42, 25 March 2016 diff hist +51 Ports →Internal Access
- 16:5316:53, 25 March 2016 diff hist +11 m Ports →System Access and Intra-Node Communication
- 16:3816:38, 25 March 2016 diff hist +89 m Ports →System Access and Intra-Node Communication: add link for zimbraAttachmentsScanURL
- 14:5114:51, 25 March 2016 diff hist +106 Ports →System Access and Intra-Node Communication
- 14:4314:43, 25 March 2016 diff hist +540 Ports lots of updates adding references to config keys and interfaces bound to by default
- 13:1013:10, 25 March 2016 diff hist +47 Ports →Intra-Node Communication
- 13:0513:05, 25 March 2016 diff hist +90 Ports →Intra-Node Communication: add DNS
- 00:2200:22, 25 March 2016 diff hist +56 Ports →Intra-Node Communication