| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 17 May 2004 20:27:38 -0400 (EDT) From: "Larry W. Cashdollar" <lwc@...id.ath.cx> To: bugtraq@...urityfocus.com Subject: Vapid Labs Security Advisory for PrimeBase Database 4.2 (update) This is in response to bugtraq id 8771,9087. ---------- Forwarded message ---------- Date: Fri, 14 May 2004 07:19:18 -0700 From: Barry Leslie To: Larry W. Cashdollar <lwc@...id.ath.cx> Subject: Re: WG: Vapid Labs Security Advisory for PrimeBase Database 4.2 Hi, I am not sure if you are aware or not but there is a new version of PrimeBase available at: http://www.Primebase.com/ftp/releases/4229/ that addresses all of the concerns that you have reported. Thank you for reporting these things to us. Barry > From: "Larry W. Cashdollar" <lwc@...id.ath.cx> > Date: Wed, 29 Oct 2003 15:37:50 -0500 (EST) > To: Barry Leslie <barry.leslie@...mebase.com> > Subject: Re: WG: Vapid Labs Security Advisory for PrimeBase Database 4.2 > > > You guys should also hash the password stored in password.adm. Storing > passwords in clear text is dangerous. Users should also be instructed to > change the file permissions to something more restrictive.. like read only > for that user... > > # chmod 400 password.adm > > -- Larry >
Powered by blists - more mailing lists