Security Hole

This WebDNA talk-list message is from

1998


It keeps the original formatting.
numero = 18851
interpreted = N
texte = Hello folks,I've become aware that a potential security hole has been brought up on this list in the last day or 2 that involves NetCloak. I wanted to let everyone know that we are on top of the issue and NetCloak's role in the problem, and will be addressing it with a software upgrade as soon as possible while ensuring that the fix adequately corrects the problem and does not create any new holes. Our intention is to have this fix generally available within 24 hours. We will announce the availability of the update on this list, as well as other appropriate places.Because this problem requires special knowledge of the hole, we are asking that public discussion and speculation about the problem stop. We fully acknowledge the problem, we know what it is, we will fix it, and we'll make every effort to inform the community about the issue. The only thing we don't want to discuss is the exact nature of the problem, due to the fact that this would only serve to make exploitation of the hole easier.Expect another post from me later today with more information, and announcement of a software update.Thank you for helping to identify this problem, and your continued support,John------------------------------------------------------ John O'Fallon john@maxum.com Maxum Development http://www.maxum.com/ More velcro... We need more velcro! ------------------------------------------------------ Associated Messages, from the most recent to the oldest:

    
  1. Re: Security hole in WebCat? (Grant Hulbert 1999)
  2. Re: Security hole in WebCat? (Michael Winston 1999)
  3. Re: Security hole in WebCat? (Michael Winston 1999)
  4. Security hole in WebCat? (Timothy W. Killian 1999)
  5. Re: Security Hole - NetCloak Update (Paul Uttermohlen 1998)
  6. Re: Security Hole - NetCloak Update (Peter Ostry 1998)
  7. Re: Security Hole - NetCloak Update (John O'Fallon 1998)
  8. Re: Security Hole - NetCloak Update (John O'Fallon 1998)
  9. Re: Security Hole - NetCloak Update (Charles Kefauver 1998)
  10. Re: Major Security Hole (solution with Welcome) (Andreas Pardeike 1998)
  11. Re: Security Hole - NetCloak Update (Paul Uttermohlen 1998)
  12. Re: Security Hole - NetCloak Update (John O'Fallon 1998)
  13. Security Hole (John O'Fallon 1998)
  14. Re: Major Security Hole (Kenneth Grome 1998)
  15. Re: Major Security Hole (Peter Ostry 1998)
  16. Re: Major Security Hole (Paul Uttermohlen 1998)
  17. Re: Major Security Hole (solution with Welcome) (Peter Ostry 1998)
  18. Re: Major Security Hole (Charles Kefauver 1998)
  19. Re: Major Security Hole (solution with Welcome) (Andreas Pardeike 1998)
  20. Re: Major Security Hole (PCS Technical Support 1998)
  21. Re: Major Security Hole (Peter Ostry 1998)
  22. Re: Major Security Hole (Dan Tryon 1998)
  23. Re: Major Security Hole (Jim Turney 1998)
  24. Re: Major Security Hole (Peter Ostry 1998)
  25. Re: Major Security Hole (Paul Uttermohlen 1998)
  26. Re: Major Security Hole (Bob Minor 1998)
  27. Re: Major Security Hole (Dan Tryon 1998)
  28. Re: Major Security Hole (Brian Willson 1998)
  29. Re: Major Security Hole (Britt T. 1998)
  30. Re: Major Security Hole (Paul Uttermohlen 1998)
  31. Re: Major Security Hole (Dave MacLeay 1998)
  32. Re: Major Security Hole (Bob Minor 1998)
  33. Re: Major Security Hole (Peter Ostry 1998)
  34. Re: Major Security Hole (PCS Technical Support 1998)
  35. Major Security Hole (Paul Uttermohlen 1998)
  36. Re: Major Security Hole IIS NT (Bob Minor 1998)
  37. Re: Major Security Hole IIS NT (greg 1998)
  38. Re: Major Security Hole IIS NT (Kenneth Grome 1998)
  39. Re: Major Security Hole IIS NT (Kenneth Grome 1998)
  40. RE: Major Security Hole IIS NT (PCS Technical Support 1998)
  41. RE: Major Security Hole IIS NT (Olin 1998)
  42. Re: Major Security Hole IIS NT (Bob Minor 1998)
  43. Re: Major Security Hole IIS NT (PCS Technical Support 1998)
  44. Re: Major Security Hole IIS NT (Bob Minor 1998)
  45. Re: Major Security Hole IIS NT (Peter Ostry 1998)
  46. Re: Major Security Hole IIS NT (Bob Minor 1998)
  47. Re: Major Security Hole IIS NT (Bob Minor 1998)
  48. Major Security Hole IIS NT (Bob Minor 1998)
  49. Re: Major Security Hole IIS NT (Raymond Hatch 1998)
  50. Re: Major Security Hole IIS NT (Raymond Hatch 1998)
  51. Re: Major Security Hole IIS NT (Chuck Wall 1998)
  52. Re: Major Security Hole IIS NT (Raymond Hatch 1998)
  53. Re: Major Security Hole IIS NT (Raymond Hatch 1998)
  54. Re: Major Security Hole IIS NT (Raymond Hatch 1998)
  55. Re: Major Security Hole IIS NT (Raymond Hatch 1998)
Hello folks,I've become aware that a potential security hole has been brought up on this list in the last day or 2 that involves NetCloak. I wanted to let everyone know that we are on top of the issue and NetCloak's role in the problem, and will be addressing it with a software upgrade as soon as possible while ensuring that the fix adequately corrects the problem and does not create any new holes. Our intention is to have this fix generally available within 24 hours. We will announce the availability of the update on this list, as well as other appropriate places.Because this problem requires special knowledge of the hole, we are asking that public discussion and speculation about the problem stop. We fully acknowledge the problem, we know what it is, we will fix it, and we'll make every effort to inform the community about the issue. The only thing we don't want to discuss is the exact nature of the problem, due to the fact that this would only serve to make exploitation of the hole easier.Expect another post from me later today with more information, and announcement of a software update.Thank you for helping to identify this problem, and your continued support,John------------------------------------------------------ John O'Fallon john@maxum.com Maxum Development http://www.maxum.com/ More velcro... We need more velcro! ------------------------------------------------------ John O'Fallon

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Pull Down Search (2000) File upload woes (1998) OT: Outsourcing & copyrights (2005) date (1998) Version f1 status (1997) Running _every_ page through WebCat ? (1997) Grep to convert characters to html entities (2006) [Semi-OT] Kinda cool tool (how does it work?) (2004) Upgrading old WebCat Database Files (1997) [isfile] ? (1997) Running 2 two WebCatalog.acgi's (1996) strange [date] behavior (2001) 2nd WebCatalog2 Feature Request (1996) sendmail spaces (1997) Can this be done? (1997) WebDNA Solutions ... sorry! (1997) Thanks ! (1997) User/pass with tcpconnect (2000) Newbie needs advice to learn to use WebDNA (2003) How to verify email address (1997)