Subject: | |
From: | |
Reply To: | |
Date: | Fri, 4 Apr 2003 18:56:12 GMT |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Hello @ 3000-l,
RE: Security bulletin for Sendmail and FTP
--------------------------------------------------
Gibson Nichols ([log in to unmask]) wrote:
: I just got a security bulletin for Sendmail and
: FTP. The description is too vague to tell if we
: have a problem.
Dennis Handly says:
By definition if you use ... FTP you have a
problem. I assume the description is deliberately
vague so someone doesn't exploit them.
--------------------------------------------------
Dennis has the correct answer here. I worked on this problem with
the labs. I identified the code changes and as well I built & tested
the repairs. The security bulletin text is specifically vague as any
further description of this problem would support a persons ability to
exploit it. The patches are available on the ITRC and are General
Release. This fix was built as a single fix on top of the current
General Release patches for 6.5, 7.0 and 7.5. This fix will be
included in all future 6.5 and 7.x FTP patches.
Bottom Line: As state above "By definition if you use FTP you have
this problem". Install the recommended patches:
FTPGDY7 for 6.5,
FTPGDY8 for 7.0,
FTPGDY9 for 7.5.
Regards,
James Hofmeister
Hewlett Packard - Global Solutions Engineering (WTEC)
P.S. My Ideals are my own, not necessarily my employers.
________________________________________________________________
Sign Up for Juno Platinum Internet Access Today
Only $9.95 per month!
Visit www.juno.com
* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
|
|
|