Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: MMDF

From: seclabs () NAI COM (NAI Labs)
Date: Tue, 22 Feb 2000 19:11:38 -0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

All versions of the publicly available MMDF prior to version
2.44.b4 are vulnerable.  The version of MMDF distributed with SCO
OpenServer was found to be vulnerable, and NAI's advisory was based
on this information.

The latest stable version is 2.44 and NOT 2.43 as previously stated.
The latest version of MMDF, which has not been vulnerable to these
attacks for some time, has been recently updated and is available at:

ftp://www.mathematik.uni-kl.de/pub/Sources/mail+news/mmdf/

- -rw-r--r-- 1 mmdf  mail  1416811 Feb 21 22:59 mmdf-2.44-final.tar.gz

Also, as previously mentioned, patches for the vulnerable version
shipped with SCO OpenServer are available from:

http://www.sco.com/security.

Please feel free to contact us with any additional questions.

NAI Security Labs
seclabs () nai com

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1
Comment: Crypto Provided by Network Associates <http://www.nai.com>

iQA/AwUBOLNP6qF4LLqP1YESEQIJegCguaPr65jZFdQUvi1+3idzAVyB3WcAnA5L
x3moOvs7biru0kZr7U1xnCm3
=i6aM
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: