lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: 10 Oct 2007 11:01:07 -0000
From: support@...rt.com
To: bugtraq@...urityfocus.com
Subject: Regarding vulnerability in ViArt Shop

Hello,  

We would like to announce that we have released a patch of ideal_process.php after release 3.3 beta has been issued.

There was a vulnerability which permitted a site visitor to view paths to certificates and private key of the merchant for the iDEAL payment gateway.
All releases including 3.3 beta are vulnerable. 

A new 3.3 version will have a fixed version of  the script.

Therefore, please download a fixed version of the file from here: http://www.viart.com/downloads/ideal_process-3.3.zip

More info on this issue can be found here: http://www.viart.com/ideal_process_script_fix_for_release_32_and_33_beta.html

With kind regards,
ViArt Team

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ