Protecting Mambo Open Source

26-Feb-2003

With recent security exploits we have put together a simple HOWTO using Apache's htaccess feature. This solution will work for all versions of Mambo Open Source.

Release Candidate 3 now available

25-Feb-2003

With any version of Mambo Open Source prior to 4.0.12 RC3 it is possibe for someone to gain access to your site without the need for a username or password.

It is recommended that all users upgrade to this release. A patch is also available from SourceForge for users running 4.0.12 RC2.

We will be releasing information on how to address this issue in earlier releases as soon as possible.

Security Patch for 4.0.12 RC3

25-Feb-2003

A further security exploit has been discovered and a patch has been made available at SourceForge. The patch should be applied immediately and will work for 4.0.12 RC2. Download it here