[NPL] [Alert] Lasso Java Security Issue
TweetFollow Us on Twitter

[NPL] [Alert] Lasso Java Security Issue

IMPORTANT SECURITY ALERT

Attention All Lasso Customers,

September 4, 1998

A security hole was discovered and reported to Blue World Communications,
Inc. this afternoon. The security hole exposes a security problem which
allows any Lasso 2.x served database information to be available as "read
only" via Java-based communication. A Lasso customer was able to view
fields and data not intended for viewing in a Lasso-powered FileMaker
database using Symantec's Visual Cafe for Java Database Edition.

Immediately upon receipt of the report, Blue World engineers confirmed the
problem and began working on a fix. Available within hours of the report, a
security patch is now available at
http://www.blueworld.com/blueworld/download/.

All Lasso 2.x customers are advised to install the patch immediately,
regardless of whether or not they have deployed Java-enabled databases.

Lasso 2.5.1 customers are advised to install the patch and optionally
install the new Java Enabler module for more secure Java-based
communication. Lasso 2.5.1 customers are also advised to check their Lasso
security database settings to ensure that fields not meant to be viewed via
the Web are set with the "Dont Show" privilege. The security patch updates
Lasso 2.5.1 to Lasso 2.5.1a.

Lasso 2.0.3 customers are advised to install the security patch which
disables Java communication or upgrade to Lasso 2.5.1 and install the above
mentioned Lasso 2.5.1a patch for more secure Java communication. The
security patch updates Lasso 2.0.3 to Lasso 2.0.3a.

The security hole allowed only data to be viewed and not edited. To protect
Lasso-powered sites while they are updated with the security patch,
specific details regarding the routines used to view fields not intended
for viewing are not available. Information regarding potential security
issues with other products based on Lasso technology--including the recent
Beta Release 1 of the Lasso 3 product line--is also not available at this
time.

Symantec has been notified of the Lasso security issue and is in the
process of notifying Symantec Visual Cafe for Java Database Edition
registered customers.

Blue World would like to publicly acknowledge and thank Mike Stahulak and
Dave Johnson of Red Rock Software, Inc. for discovering and reporting the
problem.

Sincerely,

Bill Doerrfeld
President & CEO
Blue World Communications, Inc.

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Latest Forum Discussions

See All

Combo Quest (Games)
Combo Quest 1.0 Device: iOS Universal Category: Games Price: $.99, Version: 1.0 (iTunes) Description: Combo Quest is an epic, time tap role-playing adventure. In this unique masterpiece, you are a knight on a heroic quest to retrieve... | Read more »
Hero Emblems (Games)
Hero Emblems 1.0 Device: iOS Universal Category: Games Price: $2.99, Version: 1.0 (iTunes) Description: ** 25% OFF for a limited time to celebrate the release ** ** Note for iPhone 6 user: If it doesn't run fullscreen on your device... | Read more »
Puzzle Blitz (Games)
Puzzle Blitz 1.0 Device: iOS Universal Category: Games Price: $1.99, Version: 1.0 (iTunes) Description: Puzzle Blitz is a frantic puzzle solving race against the clock! Solve as many puzzles as you can, before time runs out! You have... | Read more »
Sky Patrol (Games)
Sky Patrol 1.0.1 Device: iOS Universal Category: Games Price: $1.99, Version: 1.0.1 (iTunes) Description: 'Strategic Twist On The Classic Shooter Genre' - Indie Game Mag... | Read more »
The Princess Bride - The Official Game...
The Princess Bride - The Official Game 1.1 Device: iOS Universal Category: Games Price: $3.99, Version: 1.1 (iTunes) Description: An epic game based on the beloved classic movie? Inconceivable! Play the world of The Princess Bride... | Read more »
Frozen Synapse (Games)
Frozen Synapse 1.0 Device: iOS iPhone Category: Games Price: $2.99, Version: 1.0 (iTunes) Description: Frozen Synapse is a multi-award-winning tactical game. (Full cross-play with desktop and tablet versions) 9/10 Edge 9/10 Eurogamer... | Read more »
Space Marshals (Games)
Space Marshals 1.0.1 Device: iOS Universal Category: Games Price: $4.99, Version: 1.0.1 (iTunes) Description: ### IMPORTANT ### Please note that iPhone 4 is not supported. Space Marshals is a Sci-fi Wild West adventure taking place... | Read more »
Battle Slimes (Games)
Battle Slimes 1.0 Device: iOS Universal Category: Games Price: $1.99, Version: 1.0 (iTunes) Description: BATTLE SLIMES is a fun local multiplayer game. Control speedy & bouncy slime blobs as you compete with friends and family.... | Read more »
Spectrum - 3D Avenue (Games)
Spectrum - 3D Avenue 1.0 Device: iOS Universal Category: Games Price: $2.99, Version: 1.0 (iTunes) Description: "Spectrum is a pretty cool take on twitchy/reaction-based gameplay with enough complexity and style to stand out from the... | Read more »
Drop Wizard (Games)
Drop Wizard 1.0 Device: iOS Universal Category: Games Price: $1.99, Version: 1.0 (iTunes) Description: Bring back the joy of arcade games! Drop Wizard is an action arcade game where you play as Teo, a wizard on a quest to save his... | Read more »
See All

Price Scanner via MacPrices.net

Apple’s M4 Mac minis on sale for record-low p...
B&H Photo has M4 and M4 Pro Mac minis in stock and on sale right now for up to $150 off Apple’s MSRP, each including free 1-2 day shipping to most US addresses. Prices start at only $469: – M4... Read more
Deal Alert! Mac Studio with M4 Max CPU on sal...
B&H Photo has the standard-configuration Mac Studio model with Apple’s M4 Max CPU in stock today and on sale for $300 off MSRP, now $1699 (10-Core CPU and 32GB RAM/512GB SSD). B&H also... Read more
 

Jobs Board

  • Generate a short URL for this page:



All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.