Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos network security services platform







Bugtraq: Vapid Labs Security Advisory for PrimeBase Database 4.2 (update)

Vapid Labs Security Advisory for PrimeBase Database 4.2 (update)

From: Larry W. Cashdollar <lwc_at_vapid.ath.cx>
Date: Mon, 17 May 2004 20:27:38 -0400 (EDT)

This is in response to bugtraq id 8771,9087.

---------- Forwarded message ----------
Date: Fri, 14 May 2004 07:19:18 -0700
From: Barry Leslie
To: Larry W. Cashdollar <lwc_at_vapid.ath.cx>
Subject: Re: WG: Vapid Labs Security Advisory for PrimeBase Database 4.2

Hi,

I am not sure if you are aware or not but there is a new version of
PrimeBase available at:
http://www.Primebase.com/ftp/releases/4229/
that addresses all of the concerns that you have reported.

Thank you for reporting these things to us.

Barry

> From: "Larry W. Cashdollar" <lwc_at_vapid.ath.cx>
> Date: Wed, 29 Oct 2003 15:37:50 -0500 (EST)
> To: Barry Leslie <barry.leslie_at_primebase.com>
> Subject: Re: WG: Vapid Labs Security Advisory for PrimeBase Database 4.2
>
>
> You guys should also hash the password stored in password.adm. Storing
> passwords in clear text is dangerous. Users should also be instructed to
> change the file permissions to something more restrictive.. like read only
> for that user...
>
> # chmod 400 password.adm
>
> -- Larry
>
Received on May 18 2004

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]