(Vendor Releases Fix) Re: Elron Anti-Virus and Elron Message Inspector Give Unauthorized Access to Files to Remote Users
|
Date: Mar 27 2001 14:36 (UTC/GMT)
|
Impact: Disclosure of system information
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Description: A vulnerability has been reported in Elron's Internet Manager (IM) products that allow remote users to obtain files and directory listings of files outside of the product's root directory.
The vendor reports that this problem is now fixed in MI/AV v3.0.4.
|
Impact: A remote user can gain unauthorized access to files and directories on the server.
|
Solution: Obtain the vendor fix. (v3.0.4)
|
Vendor URL: www.elronsw.com/ (Links to External Site)
|
Cause: Access control error
|
Underlying OS: Windows (NT), Windows (2000)
|
Reported By: Justin Fry <jfry@ELRONSW.COM>
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Message Contents
|
Date: Mon, 26 Mar 2001 12:55:29 -0500
From: Justin Fry <jfry@ELRONSW.COM>
Subject: http://archives.neohapsis.com/archives/bugtraq/2001-03/0345.html
|
Dear Sirs,
The error reported by Erik in this note is now fixed in MI/AV v3.0.4
http://archives.neohapsis.com/archives/bugtraq/2001-03/0345.html
Best regards,
Justin Fry
Director, Worldwide Product Marketing
Elron Software, Inc.
USA Office: +1 781-993-6201
Email: jfry@elronsw.com
http://www.internetmanager.com
|
|
