Just FYI ... The buffer overflow conditions in the application layer protocol parsing rountines described in the ISS advisory also exist in version 1.6.1 of Silent Runner. Myself and a colleague reported these vulnerabilities to Raytheon in March of this year. We did not take a look at the knowledge browser so I'm not sure if this overflow exists in1.6.1 or not. Unfortunately, I know longer have access to the software to find out. -Jack
This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 16:21:56 PDT