>i hope someone it ipswitch is paying attention to bugtraq, that guys seems
>pretty convinced at least that there IS an exploitable hole.
They definitely are paying attention, and have tried to reproduce the problem.
I, however, can give very little credibility to a hacker that sends a
program to thousands of people, trying to get them to run it, claiming that
it is a patch. The standard procedure when finding a security hole is to
inform the company that makes the product, give them time to fix it, and
then post information about the hole. Bypassing the step of informing the
company is very unprofessional, and sending a patch that is almost
certainly a trojan horse -- well I'll let everyone come to their own
conclusion about that one.
FWIW, Ipswitch has a very good track record in dealing with *legitimate*
security holes.
-Scott
---
Declude: Anti-virus, Anti-spam and Anti-hijacking solutions for
IMail. http://www.declude.com
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Please visit the Knowledge Base for answers to frequently asked
questions: http://www.ipswitch.com/support/IMail/
