I must have misread your instructions because I stopped both our email and flashboards when I added the passwords to the server because I thought they only became active when the server was stopped/started. They became active immediately and our flashboards started showing ARERR 3600 and the email engine stopped sending and receiving mail. We removed the passwords and bumped everything and its all back to normal but it was hectic for a while.
-Alan (Nick) Nicoll BGO/PSG/WFBU/DocuSP Problem Management System Administrator 8*823-5081 ESC1-615 -----Original Message----- From: Axton [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 02, 2006 8:20 AM Subject: Re: ARSWiki: New Article See coments below. Axton On 8/2/06, Lucero, Michelle - IST contractor <[EMAIL PROTECTED]> wrote: > This is very interesting stuff, Axton. > > Can you help clarify this statement for me? > > "At the time the last affected version (v6.3) is no longer 'officially' > supported by the vendor, the full vulnerability will be published." > > My interpretation is that the full vulnerability will be published when > 6.3 is no longer supported. Although, we can easily guess what the full > vulnerability is by the description in the article(s), can't we obtain > the full vulnerability statement from BMCRemedy Tech Support? I won't comment on this. > > Also, if one's servers are not exposed to the internet, wouldn't the > only attack be internal, especially if the Remedy Email engine is not > accepting incoming email. This is true for the RappSvc account. The email DoS does not apply to incoming email if you do not have incoming email configured; though it still applies to internal exploitation. > > On another note. For the Secure ARS article. Most of the instructions > appear to be listed for ARS 6.01. Do the same instructions apply if > individuals are using 6.3 products; including Flashboards? Contributions are welcome. I am working in a 6.0.1 environment, so this is what I write about. :) > > Thanks again for this great information. > Michelle > > -----Original Message----- > From: Action Request System discussion list(ARSList) > [mailto:[EMAIL PROTECTED] On Behalf Of Axton Grams > Sent: Tuesday, August 01, 2006 9:35 PM > To: [email protected] > Subject: ARSWiki: New Article > > A new article is available on ARSWiki covering known, unaddressed > security vulnerabilities in Remedy and Remedy related products. I have > posted three vulnerabilities that I found first-hand. There is interest > in the following types of vulnerabilities, if anyone can contribute: > - XSS (cross-site scripting) vulnerabilities in Mid-Tier 6.0.1, 6.3, and > 7.0 > - DoS vulnerabilities via api calls. e.g., call x with parameter y > causes ARS to crash > > http://arswiki.org/wiki/index.php?title=ARS_Vulnerabilities > > Thanks, > Axton Grams > > ________________________________________________________________________ > _______ > UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org > > ________________________________________________________________________ _______ > UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org > ________________________________________________________________________ _______ UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org
