uShop English (U.S.) for 179!

uStorekeeper English (U.S.) for 149!

 Products
       uTest
       uReserve
       uShop
       uStorekeeper
       uGolf
       uDirectory
       uSignIn
 Tech Support
       Support Policy
       Knowledge Base
            uTest
            uReserve
            uShop
            uStorekeeper
            uGolf
            uDirectory
            uSignIn
       Documentation
       Reference Sites
 Legal
       Software Piracy
       Legal Notices
       Privacy Policy
       Licensing
 Miscellaneous
       Reseller Info
       Contact Us
       Site Map
Security hole?

Knowledge Base Lobby : uStorekeeper Support Conference : General Questions
Nov-21-17 12:24 PM EST
Original Message
Security hole?
Author jill on 04-05-2001 at 18:12 (EST)
My client, Chuck, received the email below which says that there is a security hole in the ustorekeeper program. If you click on the links.. you can see that they actually accessed his server and were able to read the various directories.. including his secure bin. This is, obviously, a very serious concern. Please investigate this ASAP and respond to us both.

Jill O.

-----Original Message-----
From: a muscaria [mailto:amuscaria@usa.net]
Sent: Wednesday, April 04, 2001 4:12 PM
To: kitagami@sonic.net
Subject:


ufff...
you have a little problem with your web wwww.eastwindart.com
the cibershop ustorekeeper have a bug and permit read and execute
arbitrary commands. check:

(links removed)

bye.

amuscaria.
E-MAIL AUTHOR | TABLE OF CONTENTS

Table Of Contents
  RE: Security hole? Bill Weiner, 2001-04-05 20:36:52 (1)

Messages In This Discussion
         1. RE: Security hole?
        Author Bill Weiner on 04-05-2001 at 20:36 (EST)
It sounds like your client is using an older version of uStorekeeper and is experiencing a problem that was corrected back in version 1.61 and improved further in version 1.67... as listed on the uStorekeeper updates page at:

http://www.uburst.com/uStorekeeper/updates.html

So it is recommended that he updates to the latest version.
TABLE OF CONTENTS

© 2003 Microburst Technologies, Inc.