---------- Forwarded message ---------- Date: Tue, 16 Jun 1998 08:11:03 -0400 From: Russ <Russ.Cooperat_private> To: NTBUGTRAQat_private Subject: Re: Cheyenne Inoculan vulnerability on NT According to a conversation I had with Computer Associates International Tech Support, the problem described on June 10th regarding being able to run arbitrary code on a machine running Inoculan v4.0 HAS NOT BEEN FIXED by their patch "Update to build 373, Service Pack 2A - il0145.zip". As of today, they stated that they hope to have a fix publicly available with the next signature file update. CAI have their own Listserv to keep interested parties up-to-date regarding their products; To keep updated with the latest news about InocuLAN, ARCserve & FAXserve please subscribe to CA E-news http://www.cai.com/cheyenne/listserv/ CAI do have a temporary fix which they have made available to at least one Inoculan customer. Why they have not deemed this important enough to make it available to all customers is a mystery. The original poster of this thread waited until he had seen the temporary fix in action before posting the exploit information on the assumption that what he received was now publicly available. If you run Inoculan, contact CAI and insist on the temporary fix until they make it available as part of a general service pack. Cheers, Russ
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:57:59 PDT