[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ntbugtraq
Subject:    Allaire Cold Fusion response to RDS vulnerability
From:       Terry Reed <terry () CONCEPT5 ! COM>
Date:       1999-07-30 16:08:42
[Download RAW message or body]

Allaire has issued an Allaire Security Bulletin (ASB99-11) as a response
to the RDS vulnerability:

http://www.allaire.com/handlers/index.cfm?ID=11713&Method=Full

Here's the summary:

"Summary
As indicated in Microsoft Security Bulletin MS98-004 and MS99-025 (links
below), some Microsoft Data Access Components (MDAC) could allow
unauthorized access to a web server hosted on Microsoft Windows NT. This
is not a problem with ColdFusion Server. However, Allaire customers
running on Windows NT should take the steps outlined below to protect
themselves from this vulnerability.

[NOTE: ColdFusion RDS ("Remote Development Services") are an entirely
different technology than the MDAC RDS ("Remote Data Services") and do
not make use of MDAC RDS. The remainder of this Bulletin uses "RDS" to
refer to the MDAC Remote Data Services, not the ColdFusion Remote
Development Services.]"

--
    Terry

[prev in list] [next in list] [prev in thread] [next in thread]