[<prev] [next>] [month] [year] [list]
Date: Thu, 31 Aug 2006 22:28:46 -0400
From: "Sec Anon" <sec_anon@...mail.com>
To: full-disclosure@...ts.grok.org.uk
Subject: [Informix] Is Telelogic's Synergy integrated Informix server also vulnerable?
Hi all,
Well we have read David's Litchfield's paper on how insecure and easy
cracking unpatched versions of Informix is. But how about the OEM vendors
like Telelogic with their Synergy product range? Telelogic's Synergy Change
and CM are enterprise products for Change Management control which exist in
many large corporations and are business critical. It might be sufficient to
say most likely these products are also vulnerable to the same attacks. As
they are OEM the existing patches can't be applied. Telelogic don't seem to
be doing anything about it, so how can we defend our boxes? We can't. This
is a request to the security community for support in helping to determine
if these OEM vendors are vulnerable and hopefully getting them to fix their
products.
http://www.databasesecurity.com/informix-securing.htm David's paper
http://www.telelogic.com/corp/products/synergy/index.cfm Vendor page
-SecAnon
_________________________________________________________________
Search from any web page with powerful protection. Get the FREE Windows Live
Toolbar Today! http://get.live.com/toolbar/overview
Hosted by DataForce ISP -
Powered by Openwall GNU/*/Linux