paul.nowak wrote: Matt, thanks for the comments. I made an error on the version of Plone. It's 2.5 Plone running on Zope 2.9x.
In regards to the additional products, we have a skin installed and we have a product that we had custom developed for us that connects to a PostgreSQL database. We've looked at slow PostgreSQL queries causing problems and have not been able to find an issue. We've also tested for the case where the PostgreSQL server is down and have not been able to create an issue. We therefor...
SUNNYVALE, CA -- (MARKET WIRE) -- 03/14/07 -- Fortinet® -- the pioneer and leading
provider of unified threat management (UTM) solutions -- today announced
that its Fortinet Global Threat Research Team discovered multiple
vulnerabilities in McAfee(TM) ePolicy Orchestrator and ProtectionPilot. The
vulnerabilities allow attackers to take over the affected system by
providing a malicious Web page from a controlled Web site. When the user
browses the Web page from a machine with the affected products, maliciously
formed data causes a buffer overflow leading to arbitrary command execution
with the privileges of that user.
The vulnerability affects users of the following specific software:
-- McAfee ePolicy Orchestrator 3.6.1 and earlier
-- McAfee ePolicy Orchestrator 3.6.0 Patch 5 and earlier.
-- McAfee ePolicy Orchestrator 3.5.0 Patch 7 and earlier.
-- McAfee ProtectionPilot 1.5.0.
-- McAfee ProtectionPilot 1.1.1 Patch 3 and earlier.
McAfee (TM) users should immediately apply the update provided by McAfee
(TM) on March 13, 2007. Fortinet's security research team was critical in
discovering this vulnerability, as noted in the McAfee Security Bulletins:
Fortinet is the pioneer and leading provider of ASIC-accelerated
multi-threat security systems, which are used by enterprises and service
providers to increase their security while reducing total operating costs.
Fortinet solutions were built from the ground up to integrate multiple
levels of security protection -- including firewall, antivirus, intrusion
prevention, VPN, spyware prevention and antispam -- providing customers a
way to protect multiple threats as well as blended threats. Leveraging a
custom ASIC and unified interface, Fortinet solutions offer advanced
security functionality that scales from remote office to chassis-based
solutions with integrated management and reporting. Fortinet solutions have
won multiple awards around the world and are the only security products
that are certified eight times over by the ICSA (firewall, antivirus,
IPSec, SSL, IPS, client antivirus detection, cleaning and antispyware).
Fortinet is privately held and based in Sunnyvale, California.
Fortinet is a registered trademark of Fortinet, Inc. Fortinet, FortiGate,
FortiOS, FortiAnalyzer, FortiASIC, FortiAnalyzer, FortiCare, FortiManager,
FortiWiFi, FortiGuard, FortiClient, and FortiReporter are trademarks of the
Fortinet, Inc. in the United States and/or other countries. All other
trademarks referred to herein are the property of their respective owners.
Media Contacts:
Jennifer Leggio
Fortinet, Inc.
+1 408 486 7876 jleggio@fortinet.com