Progress Database vulnerabilities
From: KF (dotslash@snosoft.com)Date: 10/05/01
- Previous message: Don: "Re: AIM 0day DoS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <3BBDDE38.CD1C2CB@snosoft.com> Date: Fri, 05 Oct 2001 12:22:16 -0400 From: KF <dotslash@snosoft.com> To: bugtraq@security-focus.com Subject: Progress Database vulnerabilities
Some time ago I released an advisory on Progress 8.x and 9.x products
(http://packetstormsecurity.org/0101-exploits/progress-db.txt)
the company attempted to patch and was not successful... here are some
notes
I had lying around on various security issues in their products... I was
basically told that there were so many holes found that it would not
be feasable to fix them until the next revision of their code version
(9.2 perhaps)?
These holes are present in most versions of progress windows and unix to
my knowledge. The attached was a letter that was forwarded to their
staff several months back... I have been sitting on it for some time...
this is maybe the 2nd or 3rd time I have told them about these issues.
As of right now I am aware of NO fixes.
-KF
- application/octet-stream attachment: stillvuln.txt
- Previous message: Don: "Re: AIM 0day DoS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
