Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!usc!samsung!uakari.primate.wisc.edu!sdd.hp.com!mips!pacbell.com!ucsd!ucbvax!wsmr-emh03.army.mil!cmcdonal From: cmcdonal@wsmr-emh03.army.mil (Chris McDonald ASQNC-TWS-R-SO) Newsgroups: comp.binaries.ibm.pc.d Subject: Warning for ProComm Users Summary: Reposted by Keith Petersen Message-ID: Date: 9 Apr 91 19:08:00 GMT Sender: daemon@ucbvax.BERKELEY.EDU Lines: 18 The US Army has a site license for ProComm, version 2.4. Many of us use this software to connect our personal computers to a variety of hosts here at White Sands and elsewhere. Recently ISC personnel discovered that a particular feature of ProComm, which serves a perfectly legitimate purpose, can pose a security hazard. We contacted the vendor who advised us that it is not possible to disable the legitimate feature. In fact, denying this feature would hamper some of you from doing your jobs. We do not wish to describe the specific security problem, lest someone for whatever reason decides to take advantage of it. On the other hand, we do want to ensure that you and your information have sufficient protection against unauthorized disclosure. For your own protection please COMPLETELY EXIT from ProComm whenever you complete a terminal session. This means returning to the MS-DOS prompt.