-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


WiKID Systems Security Advisory

Summary
=======

The WiKID Strong Authentication server utilizes the Tomcat application
server for both the WiKIDAdmin web management interface and for
processing one-time passcodes.  This release updates Tomcat to 5.5.27
which patches several security vulnerabilities.


Affected Products
=================
The WiKID Strong Authentication Server - Enterprise Edition
The WiKID Strong Authentication Server - Community Edition

References
==========

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286

Mitigation
==========

Commercial users may download the most recent RPMs from the website:
http://www.wikidsystems.com/downloads/

Users of the open source community version may download packages from
Sourceforge:
https://sourceforge.net/project/showfiles.php?group_id=144774



- --
Nick Owen
WiKID Systems, Inc.
404-962-8983 (desk)
http://www.wikidsystems.com
Two-factor authentication, without the hassle factor.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkjQATkACgkQvhL875pdRY1NpwCglMttfAfrn720O7foyT/ih1/l
Ss8An0GDsmb2DzLYjer6S9+Qvh0oALiz
=mEYx
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/