Print

Print


School Information Technology Discussion <[log in to unmask]> writes:
>Are there any other details available?
>
>Thanks,
>
>-- MB
Marion,
 Below is the full announcement. I didn't want to post it originally
(unless requested) as it leans slightly towards a focused product. Please
feel free to contact me off list if you want or need more information.
Neil

Neil Manders (retired Director of Technology - WCSU)
Project Manager
Learning Networks/First Class
802-257-1258

Dear Administrators,

We have discovered a potentially serious security vulnerability affecting
FirstClass Internet Services.  Because of the nature of this problem, we
are taking the step of sending out this Security Update.

Affected Components:
FirstClass Internet Services 8.X and FirstClass Internet Services 9.X,
specifically the FirstClass Web User Interface. Releases earlier than 8.0
may be affected but have not yet been tested.

Affected Platforms:
This affects FirstClass Internet Services on all supported platforms.

Overview:
Based on customer reports, we have discovered a security vulnerability
which has the potential to affect sites running FirstClass Internet
Services.  As a result of this vulnerability, it may be possible for
unauthenticated users to access outbound messages queued to be sent via
SMTP.

Next Steps:
We have coded, tested and released a new 9.1 Service Pack of FirstClass
Internet Services to address this vulnerability. You should install this
at your earliest convenience.

For sites running FirstClass 9.1, this new version has automatically been
downloaded to you via the FirstClass Update Server. Sites running
FirstClass 9.0 and older versions please contact Customer Support for
further options. 

As you know, we at FirstClass take security extremely seriously. We are
proud to offer a safe, secure environment, and we do our utmost to address
security issues as soon as humanly possible.

Sincerely, 

Scott Welch