Security Advisories

MS Patches Commerce Server Holes

June 28, 2002

Four critical remote vulnerabilities, three of which are buffer overflows, have been discovered in Microsoft Commerce Server 2000 and 2002. All of these can lead to total system compromise by an attacker. Microsoft Site Server 3.0 and Microsoft Site Server 3.0 Commerce Edition are not affected. Bulletin MS02-033 has more information and a patch.

Remote Hole Reported in OpenSSH

June 25, 2002

A remote vulnerability in OpenSSH, a widely used open source SSH server, has been announced on numerous security mailing lists. Neither specifics nor proof-of-concept exploits have been provided yet, as the discoverers are giving vendors a chance to come up with patches by the end of this week. What we know is this: all versions of […]

Apache Exploit Published

June 20, 2002

If you still haven’t patched your Apache web server to protect against the chunked-encoding vulnerability released on Monday, now’s the time. The “Gobbles Security” group has published an exploit called apache-scalp on BugTraq that gets a remote shell on Apache 1.3.X. The hack only works on OpenBSD, but expect more exploits for other platforms soon. Once […]
