Re: [Zope] HTTP Request Denial of Service Vulnerability

2009-07-19 Thread TsungWei Hu
The observation and recommendation is specifically generated by Foundstone Labs' software. It's my fault to suggest that might be related to Hotfix-2008-08-12. From my side, I will try to stop improper information from Foundstone lab. Thanks, marr On Mon, Jul 20, 2009 at 12:20 PM, Andreas Jung

Re: [Zope] ZSyncer-0.71 problems

2009-07-19 Thread Dieter Maurer
Dennis Allison wrote at 2009-7-19 17:03 -0700: >Zope 2.11, Python 2.4 > ... ># EOFError ># ># Traceback (most recent call last): > ... >dest_base_info, dest_sub_info = self._getRemoteList(remote, path) >File "/opt/zope/zinstances/xxx/Products/ZSyncer/ZSyncer.py", line >1211, >in _getRemoteList >r

Re: [Zope] HTTP Request Denial of Service Vulnerability

2009-07-19 Thread Andrew Milton
+---[ Chris McDonough ]-- | This may be true. However, I notice that whomever makes the Foundstone website | can't spell either ("Costumer" for "Customer" in the "How you found out about | us" dropdown). ;-) So... guilty till proven innocent as far as I'm concerned. Do

Re: [Zope] HTTP Request Denial of Service Vulnerability

2009-07-19 Thread Andreas Jung
On 20.07.09 04:06, TsungWei Hu wrote: > I have a Plone 3.2.3 site that runs with Zope 2.10.8 and receive a > security notice as follows. Is it sufficient to fix this just > installing http://www.zope.org/Products/Zope/Hotfix-2008-08-12 ? > Thanks, /marr/ > > > Although the Zope development environm

Re: [Zope] HTTP Request Denial of Service Vulnerability

2009-07-19 Thread Chris McDonough
This may be true. However, I notice that whomever makes the Foundstone website can't spell either ("Costumer" for "Customer" in the "How you found out about us" dropdown). ;-) So... guilty till proven innocent as far as I'm concerned. - C On 7/19/09 11:45 PM, Ricardo Newbery wrote: > > It mig

Re: [Zope] HTTP Request Denial of Service Vulnerability

2009-07-19 Thread Ricardo Newbery
It might be premature to blame this on Foundstone. I can't seem to find this security advisory online at all. No advisory id was included nor any reference at all and the recommendation doesn't look at all like what usually comes from a legit advisory. I smell a fake. Ric On Jul 19, 2

Re: [Zope] HTTP Request Denial of Service Vulnerability

2009-07-19 Thread Chris McDonough
I just sent the below via http://www.foundstone.com/us/contact-form.aspx . I'd suggest that others do the same; this company is totally wrong about this conclusion... You recently issued a security warning to the effect: """ = Name = Zope HTTP Request Denial of Service Vulnerability = Descri

Re: [Zope] HTTP Request Denial of Service Vulnerability

2009-07-19 Thread Chris McDonough
I have no idea who "Foundstone Labs" is, nor if the denial of service vulnerability they're talking about is indeed the one fixed by http://www.zope.org/advisories/advisory-2008-08-12/ but: a) if it is, if you read it closely, you'll note that it's for Zope instances where untrusted users have

[Zope] HTTP Request Denial of Service Vulnerability

2009-07-19 Thread TsungWei Hu
I have a Plone 3.2.3 site that runs with Zope 2.10.8 and receive a security notice as follows. Is it sufficient to fix this just installing http://www.zope.org/Products/Zope/Hotfix-2008-08-12 ? Thanks, /marr/ = Name = Zope HTTP Request Denial of Service Vulnerability = Description = A vulnerabi

[Zope] ZSyncer-0.71 problems

2009-07-19 Thread Dennis Allison
Zope 2.11, Python 2.4 The authentication issue has been resolved. Our Zopes run with Pound as a reverse proxy front-end. Current versions of Pound demand conformity to the http protocol which ZSyncer violates. The error returned was interpreted incorrectly as an Authentication Error. Connec