Educause Security Discussion mailing list archives
Re: Upgrading Eudora clients due to recent vulnerability
From: Robert Berlinger <rnb () AECOM YU EDU>
Date: Mon, 14 Feb 2005 10:17:46 -0500
On the vulnerability, see http://www.ngssoftware.com/advisories/eudora-01.txt Is your version control/installation program something that you're in a position to share? -----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Wayne J. Hauber Sent: Monday, February 14, 2005 9:37 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Upgrading Eudora clients due to recent vulnerability At 04:11 AM 2/11/2005, Gary Dobbins wrote:
Joe St Sauver wrote:I'd really be interested if anyone's found my fantasy agent-based "tell users which of all their applications need to be updated"-type application (particularly if it is open source or cheap enough that I can afford it for everyone who needs it on campus!)
We have had a version control/automated installation program since the mid-90's. It has been our main way to install programs like Eudora. It isn't an agent based thing, you must launch it to see what needs updating. It highlights out of date packages in red. Our installer also remembers where each program was installed and installs it in the correct directory. Thus, we aren't struggling with the original issue that started this thread. I haven't seen any description of the vulnerability that has everyone concerned. If I knew what the problem was, I could justify making a big push to upgrade Eudora. We won't have a hard time doing the installs. We always have a hard time getting people excited enough to take the time.
We too are trying to push that Eudora update here. And will get in line to get that magic "oil-change" application to give our users. These updates are critical to us, but not to the users with nothing on fire as far as they can tell. We have to close that perception gap. Awareness plus incentives? -- ------------------------------------------------------------ Gary Dobbins, CISSP -- Director, Information Security University of Notre Dame, Office of Information Technologies ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Wayne Hauber (515) 294-9890 Network Information & Microcomputer Network Services Office of Academic Information Technologies 109 Durham Center, ISU, Ames, Iowa 50011 wjhauber () iastate edu ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- Upgrading Eudora clients due to recent vulnerability Robert Berlinger (Feb 10)
- <Possible follow-ups>
- Re: Upgrading Eudora clients due to recent vulnerability H. Morrow Long (Feb 10)
- Re: Upgrading Eudora clients due to recent vulnerability Joe St Sauver (Feb 10)
- Re: Upgrading Eudora clients due to recent vulnerability Valdis Kletnieks (Feb 10)
- Re: Upgrading Eudora clients due to recent vulnerability Gary Dobbins (Feb 11)
- Re: Upgrading Eudora clients due to recent vulnerability Wayne J. Hauber (Feb 14)
- Re: Upgrading Eudora clients due to recent vulnerability Robert Berlinger (Feb 14)
- Re: Upgrading Eudora clients due to recent vulnerability Wayne J. Hauber (Feb 16)
- Re: Upgrading Eudora clients due to recent vulnerability H. Morrow Long (Feb 23)
- Re: Upgrading Eudora clients due to recent vulnerability Robert Berlinger (Feb 24)