Mallesons Stephen Jaques www.mallesons.com Confidential communication FYI for those using williamette etc........... -----Original Message----- From: securcare_note@xxxxxxxxxxxxxxx [mailto:securcare_note@xxxxxxxxxxxxxxx] Sent: Tuesday, 25 February 2003 4:23 AM To: Rowlandson, John Subject: Potential Vulnerabilities Fixed in RSA ACE/Agent 5.0 for Windows and RSA ACE/Agent 5.0 & 5.1 for Web ** Please do not reply to this email. To change or cancel your = subscription to RSA SecurCare Notes & Alerts, please log on to SecurCare = Online at=20 https://knowledge.rsasecurity.com, click "Notes Registration" in the = left-hand navigation bar, and follow the instructions on the page to = unsubscribe from this service. Dear RSA SecurCare Online Customer: RSA Security has recently fixed potential security vulnerabilities in = RSA ACE/Agent 5.0 for Windows and RSA ACE/Agent 5.0 & 5.1 for Web when = used to protect Web applications and files on Microsoft IIS, Apache, and = Sun ONE Web servers. The potential security issues have been addressed = and thoroughly qualified by RSA Security. RSA Security is not aware of any security breaches resulting from these = potential vulnerabilities. Customers using RSA ACE/Agents to protect = local, remote, and network access on the Windows operating system are = not affected. Customers using RSA ACE/Agent 1.1 & 1.2 for iPlanet and = RSA ACE/Agent 1.1 for Domino Web server are not affected. Recommendation: RSA Security has isolated and corrected these potential vulnerabilities = and has released agent updates. RSA Security recommends that customers = using these agents to protect Microsoft Internet Information Service = (IIS), Apache, and Sun ONE Web servers apply this update immediately to = prevent potential security issues. The updated RSA ACE/Agent 5.0 for = Windows and RSA ACE/Agent 5.0 & 5.1 for Web are available at the = following locations: RSA SecurCare Online: Log on to SecurCare Online at https://knowledge.rsasecurity.com and = click "Downloads". Using the drop-down menus under the heading Download = Security Fixes, select "RSA SecurID" from the Product Family menu. Then, = select "ACE/Agent 5.x for Web" or "ACE/Agent 5.0 for Windows" from the = Product Name menu depending on your operating system. Next, click the = "Find It!" button and click the appropriate icon links to download the = agent and readme files. Lastly, follow the instructions in the readme = file before installing the updated agent. FTP Sites: Click the appropriate link below to immediately download the updated = agent and Readme: RSA ACE/Agent 5.0 & 5.1 for Web Fix: <ftp://ftp.rsasecurity.com/support/Patches/Ace/Agent/5.1.1_Agent/WebAgent= 5.1.1.tar.gz> <ftp://ftp.rsasecurity.com/support/Patches/Ace/Agent/5.1.1_Agent/web_secu= rity_readme.txt> RSA ACE/Agent 5.0 for Windows Fix: <ftp://ftp.rsasecurity.com/support/Patches/Ace/Agent/5.0.1_Agent/Win_Agen= t501.zip> <ftp://ftp.rsasecurity.com/support/Patches/Ace/Agent/5.0.1_Agent/Win_secu= rity_readme.txt> Getting More Information: For more information on the RSA ACE/Agent 5.0 for Windows (IIS), please = visit: http://www.rsasecurity.com/products/securid/techspecs/windows.html For more information on the RSA ACE/Agent 5.1 for Web (Apache/Sun ONE), = please visit: http://www.rsasecurity.com/products/securid/techspecs/webagent.html Getting Support and Service: For customers with current maintenance contracts, please contact your = local RSA Security Technical Support department with any additional = questions regarding this SecurCare Alert. Contact phone numbers can be = found on RSA Security's Web site at: http://www.rsasecurity.com/support/contact.html General Technical Support Information: http://www.rsasecurity.com/support SecurCare Online: https://knowledge.rsasecurity.com About SecurCare Notes & Alerts Subscription: SecurCare Notes & Alerts are targeted email messages RSA Security sends = you based on which RSA product family you currently use. If you'd like = to stop receiving SecurCare Notes & Alerts, or if you'd like to change = which RSA product family's Notes & Alerts you currently receive, please = log on to https://knowledge.rsasecurity.com and click "Notes Registration" in the = left navigation menu. Following the instructions on the page, remove the = check mark next to the RSA product family whose Notes & Alerts you no = longer wish to receive. Then click the "Submit" button to save your = selection. Sincerely, RSA Security Customer Support ********************************************************* This Week's Sponsor - ThinPrint Simply the best print solution for Citrix Metaframe and Microsoft Terminal Services! http://www.thinprint.com ********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm