Re: SNI-16: INN News Server Security Advisory

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Steinar Haug: "Re: BIND Nuking"
• Previous message: Aleph One: "Another hole poked in Communicator"
• Maybe in reply to: Secure Networks Inc.: "SNI-16: INN News Server Security Advisory"
• Next in thread: Nathan J. Mehl: "Re: SNI-16: INN News Server Security Advisory"

In message <Pine.BSI.3.96.970721144428.9165A-100000@silence.secnet.com>,
"Secure Networks Inc." <sni@SILENCE.SECNET.COM> writes:

> Fix Information
> ~~~~~~~~~~~~~~~
>
> INN version 1.6 has been made availible at ftp://ftp.isc.org/isc/inn. A
> fix will not be made availible for prior releases and it is suggested that
> all users running INN upgrade to version 1.6 immediately.

It would appear that Miquel van Smoorenburg at Cistron has made available
a patch for this bug, it's available from:

http://miquels.www.cistron.nl/inn/

I'm just passing this pointer on.

Disclaimer: Caveat emptor, examine the patch yourself and satisfy
yourself with what it does. All disclaimers apply.
Don't blame me for it.

Chris
- --
Christopher Samuel, IT Vulnerabilities Group, C.Samuel@eris.dera.gov.uk
N-115, Defence Research Agency, St Andrews Road, Great Malvern, England, UK
DISCLAIMER: I write only for myself, not for DRA. Phone: +44 1684 894644
+MIME+ +QMAIL+ +PGP+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQCVAwUBM9zOyFJ7nmUlvnM9AQH+qwP+OGmcvl1ysPJINTp2s+Qqau8Ww4ttQybp
jhol1azfwLzMt0v56uu9036mUftY7jijfmXodbYgxd8+3aieZcw6KIIUXSTlJGxK
q/awXYFW8Xwp3/ShtzvS4KhnNcpZWVvN55ZTAjWJlCz/MasaDNjFMXEuDlXLTPqZ
bX+xq/hpb1M=
=XSb7
-----END PGP SIGNATURE-----

• Next message: Steinar Haug: "Re: BIND Nuking"
• Previous message: Aleph One: "Another hole poked in Communicator"
• Maybe in reply to: Secure Networks Inc.: "SNI-16: INN News Server Security Advisory"
• Next in thread: Nathan J. Mehl: "Re: SNI-16: INN News Server Security Advisory"