[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Re: Clearswift Mimesweeper Path Traversal Vulnerability
From: Pete Simpson <pete.simpson () clearswift ! com>
Date: 2004-08-11 20:19:17
Message-ID: 20040811201917.2551.qmail () www ! securityfocus ! com
[Download RAW message or body]
In-Reply-To: <20040811154715.31487.qmail@mail2.securityfocus.com>
Two important points of clarification are needed.
Firstly, the vulnerability as described should refer specifically to the MIMEsweeper \
for Web product. It does not apply to the MAILsweeper for SMTP product.
Secondly, this vulneraility was fixed at MIMEsweeper for Web v. 5.0.4 in Feb. 2004. \
The current version is 5.0.5. The vulnerability reported by Pierre Kroma was found on \
a copy of v.5.0.1 (a year old).
Solution: Upgrade to 5.0.5 (17 June 2004)
http://www.clearswift.com/support/msw/patch_MswWeb.aspx
Pete Simpson
ThreatLab Manager
Clearswift
The MIMEsweeper Company
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic