[20265] in bugtraq
iPlanet Web Server 4.x Product Alert
daemon@ATHENA.MIT.EDU (Santi Claus)
Tue Apr 17 14:12:06 2001
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Message-ID: <F280OwNkpDnwLDeOCLk0000816a@hotmail.com>
Date: Tue, 17 Apr 2001 12:42:47 -0000
Reply-To: Santi Claus <wurzelsepp201@HOTMAIL.COM>
From: Santi Claus <wurzelsepp201@HOTMAIL.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
i'm sending this because I was not able to find it in the bugtraq archive
yet. iPlanet does not seem to inform bugtraq (why?). The information posted
herein can be found in
http://www.iplanet.com/products/iplanet_web_enterprise/iwsalert4.16.html
---------------------------------------------------------------------
Important iPlanet Web Server 4.x Product Alert:
Recommend Immediate Patch/Upgrade
April 16, 2001
iPlanet has identified a security vulnerability in the iPlanet
Web Server Enterprise Edition 4.x products. This problem does
not affect any releases of the product prior to the 4.x versions;
however it does affect all iPlanet applications operating on the
iPlanet Web Server platform. A patch and implementation
instructions to address it are now available.
Without this patch/upgrade, the problem will persist and affect
your site's data security, potentially leading to a data corruption
event. iPlanet urges all users of the iPlanet Web Server to
upgrade immediately to prevent any potential data security
risks.
This problem can be addressed by upgrading to iPlanet Web
Server version 4.1sp7 or by installing this NSAPI module.
Due to a potential performance impact the use of the NSAPI
solution should be a short-term solution while undertaking the
steps necessary to upgrade to iPlanet Web Server 4.1sp7.
---------------------------------------------------------------------
Cheers /Sepp
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
