So have you gained control over the server yet? :) Amy Harbor Computer Services Small Business Computer Specialists Client Blog: http://smalltechnotes.blogspot.com/ Tech Blog: http://isainsbs.blogspot.com/ Website: http://www.harborcomputerservices.net/ -----Original Message----- From: sbradcpa@xxxxxxxxxxx [mailto:sbradcpa@xxxxxxxxxxx] Sent: Friday, December 09, 2005 2:34 AM To: [ISAserver.org Discussion List] Subject: [isalist] OT: Seeing what this listserve runs on... http://www.ISAserver.org [ Lyris ListManager Multiple Flaws ] The Lyris ListManager software is vulnerable to numerous SQL injection, source code dislosure, and authentication bypass flaws. The ListManager software runs on Linux, Solaris, and Windows and can be configured to use one of the following database backends: PostgreSQL, Oracle, and MSSQL/MSDE. These flaws can be used to gain complete access to the ListManager data and often the host server itself. - http://metasploit.com/research/vulns/lyris_listmanager/ Susan ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: amy@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx