Security flaw in htmlscript

Joseph Jay Austin (joe@HTMLSCRIPT.COM)
Tue, 27 Jan 1998 17:28:53 -0800

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Olaf Kirch: "Re: Announcement: Phrack 52"
Previous message: Lucio Torre: "ANNOUNCE: Secure Syslog"

This message is in response to the security breach regarding
our product, htmlscript, that was published in this list.

We became aware earlier today of a security flaw in the
htmlscript 2.99x distribution and certain earlier releases.

This flaw allows people to get a copy of the system password
(and other) files using our product. We are fixing this
problem and will be making a binary only distribution of
v2.9932 available to all licensees of the product.

The current shipping version of the product (htmlscript
v3.x/Miva 1.x) does not have this security flaw. All
customers have the option of getting a copy of the latest
release or a binary only fix of the 2.99x distribution.
Both are, naturally, available at no charge. Customers
wanting access to these binaries should contact
support@htmlscript.com or should call our main number.

Due to the serious nature of this problem we urge all
htmlscript licensees to make this upgrade their
highest priority.

----------------------
Htmlscript Corporation
Joe Austin, President
joe@htmlscript.com
http://www.htmlscript.com
619-490-2570:main line
619-490-2571:direct
----------------------

Next message: Olaf Kirch: "Re: Announcement: Phrack 52"
Previous message: Lucio Torre: "ANNOUNCE: Secure Syslog"