Security Advisories

Remote Overflow Found In PHP Parser

July 22, 2002

A serious vulnerability has been discovered in versions 4.2.0 and 4.2.1 of PHP, a popular scripting language that is used to power millions of web sites. The parser which handles the headers of HTTP POST requests has a buffer overflow which can be exploited remotely or locally for privileged system access, even through a firewall. […]

Survey Reveals Vulnerable IIS Sites

July 5, 2002

The latest Netcraft Survey of web servers has indicated that 45% of IIS servers have .htr mapping enabled. Last month, Microsoft issued an advisory warning of a heap overrun vulnerability in IIS’ HTR handling which could yield remote system compromise. Since HTR is now an antiquated scripting language, the advisory recommended that it be disabled […]

Apache Worm Spotted In Wild

June 29, 2002

Security researcher Domas Mitzuas’ honeypots have caught a new Apache worm and trojan in the wild. It seems to be searching through the Internet and installing itself on systems vulnerable to the recent chunked-encoding vulnerability. Domas has set up an Apache worm webpage with the details he has collected, and you might want to follow […]
