[15132] in bugtraq
Re: i think
daemon@ATHENA.MIT.EDU (Ben Greenbaum)
Thu Jun 1 00:35:56 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.GSO.4.21.0005291509420.29903-100000@mail>
Date: Mon, 29 May 2000 15:26:41 -0700
Reply-To: Ben Greenbaum <bgreenbaum@SECURITYFOCUS.COM>
From: Ben Greenbaum <bgreenbaum@SECURITYFOCUS.COM>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
Update: The advisory states that 6.5 has this fixed. I just tested and
Version 6.50 (2000094) (trialware) is still vulnerable by default,
although it does give the option to configure it to use either NetOp
security or Windows security, in which case you can customize which users
have access to which functions. With the 'Windows security' option the
relevant NTFS ACLs are applied in addition to whatever settings are
specified in NetOp.
---axess wrote---
> http://packetstorm.securify.com/advisories/b0f/b0f2-NetOp.txt
>
> Here is an advisor i wrote some time ago on it.
>
> axess
>
> ______________________________________________
> FREE Personalized Email at Mail.com
> Sign up at http://www.mail.com/?sr=signup
------
Ben Greenbaum
Director of Site Content
Security Focus
http://www.securityfocus.com
