Bugtraq mailing list archives
Progress Database vulnerabilities
From: KF <dotslash () snosoft com>
Date: Fri, 05 Oct 2001 12:22:16 -0400
Some time ago I released an advisory on Progress 8.x and 9.x products (http://packetstormsecurity.org/0101-exploits/progress-db.txt) the company attempted to patch and was not successful... here are some notes I had lying around on various security issues in their products... I was basically told that there were so many holes found that it would not be feasable to fix them until the next revision of their code version (9.2 perhaps)? These holes are present in most versions of progress windows and unix to my knowledge. The attached was a letter that was forwarded to their staff several months back... I have been sitting on it for some time... this is maybe the 2nd or 3rd time I have told them about these issues. As of right now I am aware of NO fixes. -KF
Attachment:
stillvuln.txt
Description:
Current thread:
- Progress Database vulnerabilities KF (Oct 05)