[NPL] [Alert] Lasso Java Security Issue
TweetFollow Us on Twitter

[NPL] [Alert] Lasso Java Security Issue

IMPORTANT SECURITY ALERT

Attention All Lasso Customers,

September 4, 1998

A security hole was discovered and reported to Blue World Communications,
Inc. this afternoon. The security hole exposes a security problem which
allows any Lasso 2.x served database information to be available as "read
only" via Java-based communication. A Lasso customer was able to view
fields and data not intended for viewing in a Lasso-powered FileMaker
database using Symantec's Visual Cafe for Java Database Edition.

Immediately upon receipt of the report, Blue World engineers confirmed the
problem and began working on a fix. Available within hours of the report, a
security patch is now available at
http://www.blueworld.com/blueworld/download/.

All Lasso 2.x customers are advised to install the patch immediately,
regardless of whether or not they have deployed Java-enabled databases.

Lasso 2.5.1 customers are advised to install the patch and optionally
install the new Java Enabler module for more secure Java-based
communication. Lasso 2.5.1 customers are also advised to check their Lasso
security database settings to ensure that fields not meant to be viewed via
the Web are set with the "Dont Show" privilege. The security patch updates
Lasso 2.5.1 to Lasso 2.5.1a.

Lasso 2.0.3 customers are advised to install the security patch which
disables Java communication or upgrade to Lasso 2.5.1 and install the above
mentioned Lasso 2.5.1a patch for more secure Java communication. The
security patch updates Lasso 2.0.3 to Lasso 2.0.3a.

The security hole allowed only data to be viewed and not edited. To protect
Lasso-powered sites while they are updated with the security patch,
specific details regarding the routines used to view fields not intended
for viewing are not available. Information regarding potential security
issues with other products based on Lasso technology--including the recent
Beta Release 1 of the Lasso 3 product line--is also not available at this
time.

Symantec has been notified of the Lasso security issue and is in the
process of notifying Symantec Visual Cafe for Java Database Edition
registered customers.

Blue World would like to publicly acknowledge and thank Mike Stahulak and
Dave Johnson of Red Rock Software, Inc. for discovering and reporting the
problem.

Sincerely,

Bill Doerrfeld
President & CEO
Blue World Communications, Inc.

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Latest Forum Discussions

See All

Delve back into the Sanctum of Rebirth t...
I don’t know about you, but I am all for a big, interconnected tree of lore in games or series. The MCU, the fabulous marathon that is The Legend of Heroes, and the long-running MMO Runescape. The Ode of the Devourer quest has released and is the... | Read more »
Fresh From the Land Down Under – The Tou...
After a two week hiatus, we are back with another episode of The TouchArcade Show. Eli is fresh off his trip to Australia, which according to him is very similar to America but more upside down. Also kangaroos all over. Other topics this week... | Read more »
TouchArcade Game of the Week: ‘Dungeon T...
I’m a little conflicted on this week’s pick. Pretty much everyone knows the legend of Dungeon Raid, the match-3 RPG hybrid that took the world by storm way back in 2011. Everyone at the time was obsessed with it, but for whatever reason the... | Read more »
SwitchArcade Round-Up: Reviews Featuring...
Hello gentle readers, and welcome to the SwitchArcade Round-Up for July 19th, 2024. In today’s article, we finish up the week with the unusual appearance of a review. I’ve spent my time with Hot Lap Racing, and I’m ready to give my verdict. After... | Read more »
Draknek Interview: Alan Hazelden on Thin...
Ever since I played my first release from Draknek & Friends years ago, I knew I wanted to sit down with Alan Hazelden and chat about the team, puzzle games, and much more. | Read more »
The Latest ‘Marvel Snap’ OTA Update Buff...
I don’t know about all of you, my fellow Marvel Snap (Free) players, but these days when I see a balance update I find myself clenching my… teeth and bracing for the impact to my decks. They’ve been pretty spicy of late, after all. How will the... | Read more »
‘Honkai Star Rail’ Version 2.4 “Finest D...
HoYoverse just announced the Honkai Star Rail (Free) version 2.4 “Finest Duel Under the Pristine Blue" update alongside a surprising collaboration. Honkai Star Rail 2.4 follows the 2.3 “Farewell, Penacony" update. Read about that here. | Read more »
‘Vampire Survivors+’ on Apple Arcade Wil...
Earlier this month, Apple revealed that poncle’s excellent Vampire Survivors+ () would be heading to Apple Arcade as a new App Store Great. I reached out to poncle to check in on the DLC for Vampire Survivors+ because only the first two DLCs were... | Read more »
‘Neverness to Everness’ Is a Free To Pla...
Perfect World Games and Hotta Studio (Tower of Fantasy) announced a new free to play open world RPG in the form of Neverness to Everness a few days ago (via Gematsu). Neverness to Everness has an urban setting, and the two reveal trailers for it... | Read more »
Meditative Puzzler ‘Ouros’ Coming to iOS...
Ouros is a mediative puzzle game from developer Michael Kamm that launched on PC just a couple of months back, and today it has been revealed that the title is now heading to iOS and Android devices next month. Which is good news I say because this... | Read more »
See All

Price Scanner via MacPrices.net

Amazon and Best Buy have Apple’s 10th-generat...
Amazon and Best Buy are offering $50-$30 discounts on Apple’s 10th-generation iPads this week, with models now available starting at only $299. These are the lowest prices available for Apple’s... Read more
Red Pocket Mobile is offering a $300 rebate o...
Red Pocket Mobile has new Apple iPhone 16’s on sale for $300 off MSRP when you switch and open up a new line of service. Red Pocket Mobile is a nationwide MVNO using all the major wireless carrier... Read more
New at Xfinity Mobile: iPhone 16 Pros for $40...
Switch to Xfinity Mobile with a new line of service, and take $400 off the price of any new iPhone 16 Pro through October 10, 2024. Final value is applied to your account, monthly, over a 24-month... Read more
16-inch Apple MacBook Pros on sale this week...
Best Buy has 16″ M3 Pro and M3 Max Apple MacBook Pros on sale for $500 off MSRP on their online store this week. Prices valid for online orders only, in-store prices may vary. Order online and choose... Read more
iPhone 15 and 15 Plus free at Verizon for new...
Verizon has the iPhone 15 and iPhone 15 Plus now on sale for $0 per month (that’s free!) when you add a new line of service. No trade-in is required. Discount is applied to your account monthly over... Read more
Verizon offers free iPhone 16 and 16 Pro mode...
Verizon is offering $1000 discounts on the new iPhone 16 Pro, $830 for the 16 and 16 Plus, for customers opening a new line of service. Discount is applied via monthly bill credits over a 36 month... Read more
AT&T offers free iPhone 16 and 16 Pro mod...
AT&T is offering $1000 discounts on the new iPhone 16 Pro, $830 for the 16 and 16 Plus, for new and existing customers with an eligible trade-in. Discount is applied via monthly bill credits over... Read more
Buy a new iPhone 16 at Visible, and get $10 o...
Switch to Visible, and buy a new iPhone 16 (full price or financed), and Visible will take $10 off their monthly Visible+ service for 36 months. Visible is Verizon’s low-cost service. Visible+ is... Read more
Apple iPhone 16 deals are live at Xfinity Mob...
Switch to Xfinity Mobile with a new line of service, and take up to $1000 off the price of a new iPhone 16 through October 10, 2024. Final value is applied to your account, monthly, after qualifying... Read more
Get a free iPhone 16 at Boost Mobile plus Unl...
Boost Mobile, an MVNO using AT&T and T-Mobile’s networks, is offering a free 128GB iPhone 16 or 16 Pro including service with their Unlimited plan (30GB of premium data) for a total charge of $65... Read more
 

Jobs Board

EUC *Apple* /MAC Platform Engineer - Corning...
EUC Apple /MAC Platform Engineer **Date:** Sep 13, 2024 **Location:** Charlotte, NC, US, 28216Corning, NY, US, 14831 **Company:** Corning Requisition Number: 64844 Read more
*Apple* Systems Administrator - JAMF - Activ...
…**Public Trust/Other Required:** None **Job Family:** Systems Administration **Skills:** Apple Platforms,Computer Servers,Jamf Pro **Experience:** 3 + years of Read more
Seasonal Operations Associate - *Apple* Blo...
Seasonal Operations Associate - Apple Blossom Mall Location:Winchester, VA, United States (https://jobs.jcp.com/jobs/location/191170/winchester-va-united-states) - Read more
Secret *Apple* MacOS Workspace ONE AirWatch...
Job Description The Apple MacOS Workspace ONE AirWatch Engineer role is primarily responsible for managing a fleet of 400-500 MacBook computers. The ideal candidate Read more
Cashier - *Apple* Blossom Mall - JCPenney (...
Cashier - Apple Blossom Mall Location:Winchester, VA, United States (https://jobs.jcp.com/jobs/location/191170/winchester-va-united-states) - Apple Blossom Mall Read more

  • Generate a short URL for this page:



All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.