Security Advisories

Sun Security Kit Leaves Holes in RaQ4 Servers

January 29, 2009

Security patches aren’t supposed to create new vulnerabilities, but that’s precisely what happened with Sun’s Security Hardening Package (SHP) for the company’s popular line of Cobalt RaQ 4 Server Appliances. The package includes a script called overflow.cgi that does not properly filter user input, allowing an attacker to execute arbitrary commands with superuser privileges. Sun’s […]

N-Stalker unleashes security flaw on Apache's environment

May 12, 2006

Security researchers at N-Stalker’s Web Security Intelligence Labs have disclosed a security flaw that affects all versions of Apache and may leave client-side applications vulnerable to malicious attackers. According to Thiago Zaninotti, head of the Research Lab, the problem is related to the way Apache handles requests with the “Expect” header field set, giving […]

Critical Vulnerability in Apache

November 2, 2004

The Apache Group has announced the release of versions 2.0.52 and 1.3.33 of Apache HTTP Server. All users are urged to upgrade their servers due to security problems found in both versions. Concerning the 2.0.x series, the fix will address the following security flaw: Fix merging of the Satisfy directive, which was applied to the […]
