[26396] in bugtraq
Re: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT
daemon@ATHENA.MIT.EDU (VanDyke Technical Support)
Mon Jul 29 22:29:53 2002
Date: 29 Jul 2002 19:30:17 -0000
Message-ID: <20020729193017.7793.qmail@mail.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: VanDyke Technical Support <support@vandyke.com>
To: bugtraq@securityfocus.com
In-Reply-To: <20020729163547.8536.qmail@mail.securityfocus.com>
[Minor correction on upgrade eligibility dates]
We have released versions of SecureCRT that address this
vulnerability. This fix is available for ALL of our licensed
customers without charge. VanDyke Software recommends that all
users of SecureCRT upgrade immediately to the available versions.
Updated installers are available on our website:
Users who purchased SecureCRT licenses before January 1, 2000
(including users of SecureCRT 2.x) should upgrade to SecureCRT
3.2.2:
http://www.vandyke.com/download/securecrt/3.2/index.html
Users who purchased SecureCRT licenses before July 1, 2000
should upgrade to SecureCRT 3.3.4:
http://www.vandyke.com/download/securecrt/3.3/index.html
Users who purchased SecureCRT licenses before June 1, 2001
should upgrade to SecureCRT 3.4.6:
http://www.vandyke.com/download/securecrt/index.html
Users who purchased licenses on or after June 1, 2001 should
upgrade to SecureCRT 3.4.6 or SecureCRT 4.0 beta 3.
SecureCRT 3.4.6:
http://www.vandyke.com/download/securecrt/index.html
SecureCRT 4.0 beta 3:
http://www.vandyke.com/download/securecrt/beta.html
For more information about this vulnerability and VanDyke
Software's response to it, please visit our Security Advisory
page:
http://www.vandyke.com/products/securecrt/security07-25-02.html
If there are any questions related to these releases, please
send email to support@vandyke.com.
Thanks,
-Daniel Prevett
VanDyke Technical Support
support@vandyke.com
http://www.vandyke.com
