Hello @ 3000-l,
RE: Security bulletin for Sendmail and FTP

--------------------------------------------------
Gibson Nichols ([log in to unmask]) wrote:
: I just got a security bulletin for Sendmail and
: FTP.  The description is too vague to tell if we
: have a problem.

Dennis Handly says:
By definition if you use ... FTP you have a
problem.  I assume the description is deliberately
vague so someone doesn't exploit them.
--------------------------------------------------

Dennis has the correct answer here.      I worked on this problem with
the labs.   I identified the code changes and as well I built & tested
the repairs.   The security bulletin text is specifically vague as any
further description of this problem would support a persons ability to
exploit it.      The patches are available on the ITRC and are General
Release.      This fix was built as a single fix on top of the current
General Release patches for 6.5, 7.0 and 7.5.         This fix will be
included in all future 6.5 and 7.x FTP patches.

Bottom Line:     As state above "By definition if you use FTP you have
this problem".  Install the recommended patches:

                     FTPGDY7  for 6.5,
                     FTPGDY8  for 7.0,
                     FTPGDY9  for 7.5.

Regards,

James Hofmeister
Hewlett Packard - Global Solutions Engineering (WTEC)
P.S. My Ideals are my own, not necessarily my employers.




________________________________________________________________
Sign Up for Juno Platinum Internet Access Today
Only $9.95 per month!
Visit www.juno.com

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *