[Cache-News] Security Alert
26 views
Skip to first unread message
cache-ne...@intersystems.com
Mar 3, 2004, 2:12:42 PM3/3/04
to x...@info2.kinich.com
InterSystems has encountered a critical issue with a Cache' class which
could allow an attacker to access any file on a Cache' Server. This
vulnerability is in a class which is not required on production systems.
This class is included in all releases of Cache' 5.0.
InterSystems recommends that this class be removed using one of the
following methods:
1. From Explorer
select "Namespaces-->%CACHELIB-->Classes"
Right-click on "%XML.Utils.SchemaServer"
select "Delete"
or
2. From Terminal, enter the following commands:
zn "%cachelib"
do %system.OBJ.Delete("%XML.Utils.SchemaServer")
InterSystems is working on a solution to remove this vulnerability from
future versions.
could allow an attacker to access any file on a Cache' Server. This
vulnerability is in a class which is not required on production systems.
This class is included in all releases of Cache' 5.0.
InterSystems recommends that this class be removed using one of the
following methods:
1. From Explorer
select "Namespaces-->%CACHELIB-->Classes"
Right-click on "%XML.Utils.SchemaServer"
select "Delete"
or
2. From Terminal, enter the following commands:
zn "%cachelib"
do %system.OBJ.Delete("%XML.Utils.SchemaServer")
InterSystems is working on a solution to remove this vulnerability from
future versions.
Reply all
Reply to author
Forward
0 new messages