Re: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT 3.4 & 4.0 beta

From: kelli burkinshaw (kelli.burkinshawat_private)
Date: Tue Jul 23 2002 - 14:14:01 PDT

Next message: stealth: "Re: SSH Protocol Trick"

Previous message: Mikael Olsson: "Re: SSH Protocol Trick"
Next in thread: Bela Lubkin: "Re: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT 3.4 & 4.0 beta"
Next in thread: Andrea Lisci: "Re: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT 3.4 & 4.0 beta"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) In-Reply-To: <20020722200944.A6030at_private-f.net> Hello Kyuzo, This is the first VanDyke Software has heard of the problem you reported. We take these issues seriously--making fixes available to our customers as soon as possible. We have identified the area of code where the problem exists and will be posting fixes for both SecureCRT 3.4 and 4.0 to our website (www.vandyke.com) as soon as possible. It should also be noted that this problem is specific to SSH1 and does not happen when SSH2 is selected as the protocol from SecureCRT. Thank you for bringing this to our attention. For future reports, feel free to send them directly to VanDyke Software (supportat_private). kelli burkinshaw Product Director VanDyke Software

Next message: stealth: "Re: SSH Protocol Trick"
Previous message: Mikael Olsson: "Re: SSH Protocol Trick"
Next in thread: Bela Lubkin: "Re: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT 3.4 & 4.0 beta"
Next in thread: Andrea Lisci: "Re: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT 3.4 & 4.0 beta"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jul 23 2002 - 14:38:12 PDT