-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 All versions of the publicly available MMDF prior to version 2.44.b4 are vulnerable. The version of MMDF distributed with SCO OpenServer was found to be vulnerable, and NAI's advisory was based on this information. The latest stable version is 2.44 and NOT 2.43 as previously stated. The latest version of MMDF, which has not been vulnerable to these attacks for some time, has been recently updated and is available at: ftp://www.mathematik.uni-kl.de/pub/Sources/mail+news/mmdf/ - -rw-r--r-- 1 mmdf mail 1416811 Feb 21 22:59 mmdf-2.44-final.tar.gz Also, as previously mentioned, patches for the vulnerable version shipped with SCO OpenServer are available from: http://www.sco.com/security. Please feel free to contact us with any additional questions. NAI Security Labs seclabsat_private -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.1 Comment: Crypto Provided by Network Associates <http://www.nai.com> iQA/AwUBOLNP6qF4LLqP1YESEQIJegCguaPr65jZFdQUvi1+3idzAVyB3WcAnA5L x3moOvs7biru0kZr7U1xnCm3 =i6aM -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:36:41 PDT