Hosting Provided By

Re: Re: Progress Webspeed exploit for all releases

From: <suresync(at)gmail.com>
Date: Fri Jun 29 2007 - 17:51:26 EDT

Response Progress:

Thank you for the additional details. We do fully acknowledge that this security threat with _cpyfile.r exists also when the "tty" directory is installed.

However as explained earlier this issue was fixed in OpenEdge 10.0A and beyond by checking the broker deployment mode (Dev/Prod) in the code. WebSpeed from versions 9.x are still affected. We recommend our users to upgrade or remove this file from their deployments. Received on Sat Jun 30 12:51:46 2007

This message: [ Message body ]
Next message: underwater(at)itdefence.ru: "WheatBlog 1.1 RFI/SQL Injection"
Previous message: Airscanner Corp.: "Airscanner Advisory #07062901: FlexiSPY Victim/User Database Exposure (Full world readable access to ALL SMS/Emails/Voice data from victims/users)"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Sat Jun 30 2007 - 13:00:03 EDT