On Mon, Jul 17, 2000 at 04:23:13PM -0400, Nathan Brindle wrote:
> ************************** SECURITY ADVISORY 1 **************************
>
> A security exposure has been discovered and fixed in LISTSERV and
> LISTSERV Lite. L-Soft recommends that all affected users apply the 2000b
> level set immediately.
>
> Please note carefully that this exposure differs from the exposure fixed
> by the 2000a level set released on 5 May 2000.
>
Hi :)
Does this vulnerability only affect the web interface (as said in Bugtraq) or also the basic listserv functions ?
The advisory doesn't tell what part of lsv is really affected...
In addition, the changelog in the Makefile (under Unix) doesn't mention the 2000a and 2000b patch levels although the Build Date is correct.
Thomas
--
Thomas
[log in to unmask]