Bugtraq mailing list archives
Re: Security Hole in Axent ESM
From: mudge () L0PHT COM (Dr. Mudge)
Date: Thu, 27 Aug 1998 10:27:53 -0500
I talked with our Axent contact and he claimed that their file integrity validation could not be compromised by a hacker because Axent has security experts that designed ESM.
These are probably the same 'experts' that decided in 4.4 that XOR was a strong cryptographic method of protecting the communications back to the server from the remote clients. Apparently they changed this in 4.5 but probably only after someone called their 'security experts' on it. .mudge
Current thread:
- Re: Security Hole in Axent ESM Larry Bassett (Aug 27)
- <Possible follow-ups>
- Re: Security Hole in Axent ESM Dr. Mudge (Aug 27)
- Re: Security Hole in Axent ESM Steve McBride (Aug 27)
- Re: Security Hole in Axent ESM Douglas G Conorich (Aug 27)
- Re: Security Hole in Axent ESM Mark (Aug 28)
- Re: Security Hole in Axent ESM Bert Driehuis (Aug 29)
- Re: Security Hole in Axent ESM Mark (Aug 28)
- Re: Security Hole in Axent ESM Douglas G Conorich (Aug 27)
- Re: Security Hole in Axent ESM Steve Jackson (Aug 28)
- Re: Security Hole in Axent ESM Paul Ashton (Aug 28)
- Re: Security Hole in Axent ESM Andy Church (Aug 29)
- Re: Security Hole in Axent ESM reddog (Aug 30)
- Re: Security Hole in Axent ESM Andy Church (Aug 31)
(Thread continues...)