Home | FAQ | Contact | Privacy Policy
US-CERT
Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information
 

 View Notes By
Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric

 Other Documents
Technical Alerts

Technical Bulletins

Alerts

Security Tips

WRQ, Inc. Information for VU#758054

Date Notified:
Date Updated:
Statement Date:
Status Summary:Vulnerable

Vendor Statement

Problem Correction:

Upgrade to Reflection for Secure IT Windows Server version 6.0 build 24 or, if upgrading is not immediately possible, enter all possible case combinations of the strings in the "Deny login for users" and "Allow login for users" edit fields.

For additional details and server upgrade information, please see:
http://support.wrq.com/techdocs/1867.html

AttachmateWRQ recommends that you bookmark and regularly check the Security Updates and Reflection for Secure IT web page for the latest information about updates and vulnerabilities:
http://support.wrq.com/techdocs/1910.html

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Note that the upgrade restores case insensitivity, the behavior prior to version 6.0. This may result in usernames matching expressions in the allow list that did not match in earlier versions of Reflect for Secure IT Windows server v6.0.

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

Produced 2009 by US-CERT, a government organization
Disclaimers and copyright information