Security Advisories
Multiple XSS Bugs in PHPNuke
October 16, 2002
Seven new cross-site scripting vulnerabilities have been discovered in PHPNuke 6.0, a popular content management system used to power tens of thousands of web sites. Most of these issues could lead to the compromise of a site user’s cookies, which would give an attacker the ability to log-in as the victim. Two of the scripting […]
"Mighty" Adds IRC Backdoor to Slapper
October 10, 2002
A fifth variant of the Slapper OpenSSL exploit worm has been spotted in the wild, but won’t be posing much of a risk since most vulnerable systems have already been infected or patched by now. “Mighty” is closely related to Slapper.D, but uses an IRC channel to receive commands, as opposed to the P2P network […]
Critical Overflow in FrontPage Server Extensions
September 25, 2002
Microsoft has issued security bulletin MS02-053 for a vulnerability in FrontPage Server Extensions 2000 and 2002. The SmartHTML Interpreter (shtml.dll), which is included in all FPSE editions, has a buffer overflow that can be exploited by a malformed HTTP request. For systems running FPSE 2000, this could allow an attacker to consume all of a […]
« Older Entries Newer Entries »
