<<< Date Index >>>     <<< Thread Index >>>

Re: Format String Vulnerability in Tripwire



In-Reply-To: <20040603215236.7815.qmail@xxxxxxxxxxxxxxxxxxxxx>


One more quick note -- I think I had a brain freeze and gave Paul the wrong 
commerical version numbers. This vulnerability exists in all currently shipping 
TFS releases, which means <= 4.0.1.

Sorry I didn't catch this the first time.

Ron Forrester
Security Architect
Tripwire, Inc.

>>VERSIONS AFFECTED
>>-----------------
>>Tripwire commercial versions <= 2.4
>>Tripwire open source versions <= 2.3.1
>