TUCoPS :: HP Unsorted I :: b06-4536.htm

Is Telelogic's Synergy integrated Informix server also vulnerable?
Is Telelogic's Synergy integrated Informix server also vulnerable?
Is Telelogic's Synergy integrated Informix server also vulnerable?


Hi all,

   Well we have read David's Litchfield's paper on how insecure and easy 
cracking unpatched versions of Informix is. But how about the OEM vendors 
like Telelogic with their Synergy product range? Telelogic's Synergy Change 
and CM are enterprise products for Change Management control which exist in 
many large corporations and are business critical. It might be sufficient to 
say most likely these products are also vulnerable to the same attacks. As 
they are OEM the existing patches can't be applied. Telelogic don't seem to 
be doing anything about it, so how can we defend our boxes? We can't. This 
is a request to the security community for support in helping to determine 
if these OEM vendors are vulnerable and hopefully getting them to fix their 
products.

http://www.databasesecurity.com/informix-securing.htm David's paper 
http://www.telelogic.com/corp/products/synergy/index.cfm Vendor page 

-SecAnon

_________________________________________________________________
Search from any web page with powerful protection. Get the FREE Windows Live 
Toolbar Today! http://get.live.com/toolbar/overview

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH