Want to link to this message? Use this URL:
< http://www.securityfocus.com/archive/1/8460 >
| To: | BugTraq |
| Subject: | Security flaw in htmlscript |
| Date: | Tue Jan 27 1998 17:28:53 |
| Author: | Joseph Jay Austin < joe@htmlscript.com > |
| Message-ID: | <34CE89D5.3970129@htmlscript.com> |
This message is in response to the security breach regarding our product, htmlscript, that was published in this list. We became aware earlier today of a security flaw in the htmlscript 2.99x distribution and certain earlier releases. This flaw allows people to get a copy of the system password (and other) files using our product. We are fixing this problem and will be making a binary only distribution of v2.9932 available to all licensees of the product. The current shipping version of the product (htmlscript v3.x/Miva 1.x) does not have this security flaw. All customers have the option of getting a copy of the latest release or a binary only fix of the 2.99x distribution. Both are, naturally, available at no charge. Customers wanting access to these binaries should contact support@htmlscript.com or should call our main number. Due to the serious nature of this problem we urge all htmlscript licensees to make this upgrade their highest priority. ---------------------- Htmlscript Corporation Joe Austin, President joe@htmlscript.com http://www.htmlscript.com 619-490-2570:main line 619-490-2571:direct ----------------------