Re: NMRC Advisory - KeyManager Issue in ISS RealSecure

[hellNbak <hellnbak () nmrc org>]

Sorry for the added traffic but there was a typo in the original advisory.
The offending line in the ISS.ACCESS file should have looked like this;

[\Roles\KeyAdministrator\starscream_skank\];

I dropped the r.  my bad...

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

"I don't intend to offend, I offend with my intent"

hellNbak () nmrc org
http://www.nmrc.org/~hellnbak

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

---------- Forwarded message ----------
Date: Wed, 20 Mar 2002 18:32:40 -0500 (EST)
From: weasel () www nmrc org
To: hellNbak <hellnbak () nmrc org>
Cc: nmrcfolk () nmrc org
Subject: Re: NMRC Advisory - KeyManager Issue in IS


> [\Roles\KeyAdministrato\starscream_skank\];
Did you commit a typo and leave an 'r' out of "KeyAdministrator"? If not,
does the incomplete role name in fact break the possiblility of exploit?