[VIM] Vendor ACK for CVE-2006-3663
Steven M. Christey
coley at linus.mitre.org
Mon Jul 24 16:48:50 EDT 2006
FYI.
---------- Forwarded message ----------
Date: Mon, 24 Jul 2006 09:36:23 +0300
From: Raphael Barki
To: cve at mitre.org
Subject: CVE-2006-3663
Hi,
We are pleased to inform you that the security issue "Finjan Appliance
5100/8100 NG 8.3.5 stores passwords in plaintext in a backup file, which
allows local users to gain privileges" described here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3663
has been overcome with version 8.3.6 of Finjan's Vital Security
Appliance (NG 5100/8100), released on 23/7/06.
Non-user passwords in Archive or LDAP locations were not encrypted in
version 8.3.5. In order to prevent any potential vulnerability, the
passwords for LDAP and Archive (i.e., backup) are now encrypted in
version 8.3.6.
Please update your Web site accordingly and kindly send us a
confirmation when done.
Best regards,
Raphael
____________________________________________
Raphael Barki
Director of Product Marketing
More information about the VIM
mailing list