Updated: July 28, 2005
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: August 30, 2005
Affected
Problem Correction: Upgrade to Reflection for Secure IT Windows Server version 6.0 build 24 or, if upgrading is not immediately possible, enter all possible case combinations of the strings in the "Deny login for users" and "Allow login for users" edit fields. For additional details and server upgrade information, please see: http://support.wrq.com/techdocs/1867.html AttachmateWRQ recommends that you bookmark and regularly check the Security Updates and Reflection for Secure IT web page for the latest information about updates and vulnerabilities: http://support.wrq.com/techdocs/1910.html
The vendor has not provided us with any further information regarding this vulnerability.
Note that the upgrade restores case insensitivity, the behavior prior to version 6.0. This may result in usernames matching expressions in the allow list that did not match in earlier versions of Reflect for Secure IT Windows server v6.0.