Bugtraq mailing list archives
Vapid Labs Security Advisory for PrimeBase Database 4.2 (update)
From: "Larry W. Cashdollar" <lwc () vapid ath cx>
Date: Mon, 17 May 2004 20:27:38 -0400 (EDT)
This is in response to bugtraq id 8771,9087. ---------- Forwarded message ---------- Date: Fri, 14 May 2004 07:19:18 -0700 From: Barry Leslie To: Larry W. Cashdollar <lwc () vapid ath cx> Subject: Re: WG: Vapid Labs Security Advisory for PrimeBase Database 4.2 Hi, I am not sure if you are aware or not but there is a new version of PrimeBase available at: http://www.Primebase.com/ftp/releases/4229/ that addresses all of the concerns that you have reported. Thank you for reporting these things to us. Barry
From: "Larry W. Cashdollar" <lwc () vapid ath cx> Date: Wed, 29 Oct 2003 15:37:50 -0500 (EST) To: Barry Leslie <barry.leslie () primebase com> Subject: Re: WG: Vapid Labs Security Advisory for PrimeBase Database 4.2 You guys should also hash the password stored in password.adm. Storing passwords in clear text is dangerous. Users should also be instructed to change the file permissions to something more restrictive.. like read only for that user... # chmod 400 password.adm -- Larry
Current thread:
- Vapid Labs Security Advisory for PrimeBase Database 4.2 (update) Larry W. Cashdollar (May 18)