Re: IRM Security Advisory 002: Netware Web Server Source Disclosure

From: Matthew Firth (matthew.firthat_private)
Date: Wed Dec 19 2001 - 20:48:56 PST

Next message: Trustix Secure Linux Advisor: "TSLSA-2001-0029 - glibc"

Previous message: Peter Mell: "Recent Advances in Intrusion Detection Symposium"
In reply to: IRM Security Advisories: "IRM Security Advisory 002: Netware Web Server Source Disclosure"
Next in thread: Alun Jones: "Re: IRM Security Advisory 002: Netware Web Server Source Disclosure"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I have had someone try to verify this problem for me & his results were as
follows:

NetWare 5.1 SP2A: Vulnerable.
NetWare 5.1 SP3: Not Vulnerable.

Apparent Solution: Apply NetWare 5.1 SP3  [It's been released for nearly
6 months].

cheers,

matthew

On 19 Dec 2001, IRM Security Advisories wrote:

> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> IRM Security Advisory No. 002
>
> Netware Web Server 5.1 Sample Page Source Disclosure
>
> Vulnerablity Type / Importance: Information Leakage / High
>
> Problem discovered: November 18th 2001
> Vendor contacted: November 20th 2001, November 29th 2001
> Advisory published: December 11th 2001
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

<snip>

Next message: Trustix Secure Linux Advisor: "TSLSA-2001-0029 - glibc"
Previous message: Peter Mell: "Recent Advances in Intrusion Detection Symposium"
In reply to: IRM Security Advisories: "IRM Security Advisory 002: Netware Web Server Source Disclosure"
Next in thread: Alun Jones: "Re: IRM Security Advisory 002: Netware Web Server Source Disclosure"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Dec 20 2001 - 14:34:54 PST