Security Hole
This WebDNA talk-list message is from 1998
It keeps the original formatting.
numero = 18851
interpreted = N
texte = Hello folks,I've become aware that a potential security hole has been brought up on this list in the last day or 2 that involves NetCloak. I wanted to let everyone know that we are on top of the issue and NetCloak's role in the problem, and will be addressing it with a software upgrade as soon as possible while ensuring that the fix adequately corrects the problem and does not create any new holes. Our intention is to have this fix generally available within 24 hours. We will announce the availability of the update on this list, as well as other appropriate places.Because this problem requires special knowledge of the hole, we are asking that public discussion and speculation about the problem stop. We fully acknowledge the problem, we know what it is, we will fix it, and we'll make every effort to inform the community about the issue. The only thing we don't want to discuss is the exact nature of the problem, due to the fact that this would only serve to make exploitation of the hole easier.Expect another post from me later today with more information, and announcement of a software update.Thank you for helping to identify this problem, and your continued support,John------------------------------------------------------ John O'Fallon john@maxum.com Maxum Development http://www.maxum.com/ More velcro... We need more velcro! ------------------------------------------------------
Associated Messages, from the most recent to the oldest:
Hello folks,I've become aware that a potential security hole has been brought up on this list in the last day or 2 that involves NetCloak. I wanted to let everyone know that we are on top of the issue and NetCloak's role in the problem, and will be addressing it with a software upgrade as soon as possible while ensuring that the fix adequately corrects the problem and does not create any new holes. Our intention is to have this fix generally available within 24 hours. We will announce the availability of the update on this list, as well as other appropriate places.Because this problem requires special knowledge of the hole, we are asking that public discussion and speculation about the problem stop. We fully acknowledge the problem, we know what it is, we will fix it, and we'll make every effort to inform the community about the issue. The only thing we don't want to discuss is the exact nature of the problem, due to the fact that this would only serve to make exploitation of the hole easier.Expect another post from me later today with more information, and announcement of a software update.Thank you for helping to identify this problem, and your continued support,John------------------------------------------------------ John O'Fallon john@maxum.com Maxum Development http://www.maxum.com/ More velcro... We need more velcro! ------------------------------------------------------
John O'Fallon
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Pull Down Search (2000)
File upload woes (1998)
OT: Outsourcing & copyrights (2005)
date (1998)
Version f1 status (1997)
Running _every_ page through WebCat ? (1997)
Grep to convert characters to html entities (2006)
[Semi-OT] Kinda cool tool (how does it work?) (2004)
Upgrading old WebCat Database Files (1997)
[isfile] ? (1997)
Running 2 two WebCatalog.acgi's (1996)
strange [date] behavior (2001)
2nd WebCatalog2 Feature Request (1996)
sendmail spaces (1997)
Can this be done? (1997)
WebDNA Solutions ... sorry! (1997)
Thanks ! (1997)
User/pass with tcpconnect (2000)
Newbie needs advice to learn to use WebDNA (2003)
How to verify email address (1997)