lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 17 Sep 2008 10:05:09 -0400
From: "Nick Owen" <owen.nick@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: WiKID Systems Security Advisory - Updated tomcat
	packages

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


WiKID Systems Security Advisory

Summary
=======

The WiKID Strong Authentication server utilizes the Tomcat application
server for both the WiKIDAdmin web management interface and for
processing one-time passcodes.  This release updates Tomcat to 5.5.27
which patches several security vulnerabilities.


Affected Products
=================
The WiKID Strong Authentication Server - Enterprise Edition
The WiKID Strong Authentication Server - Community Edition

References
==========

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286

Mitigation
==========

Commercial users may download the most recent RPMs from the website:
http://www.wikidsystems.com/downloads/

Users of the open source community version may download packages from
Sourceforge:
https://sourceforge.net/project/showfiles.php?group_id=144774



- --
Nick Owen
WiKID Systems, Inc.
404-962-8983 (desk)
http://www.wikidsystems.com
Two-factor authentication, without the hassle factor.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkjQATkACgkQvhL875pdRY1NpwCglMttfAfrn720O7foyT/ih1/l
Ss8An0GDsmb2DzLYjer6S9+Qvh0oALiz
=mEYx
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ