Previous Security Advisories
OpenSSH Advisory, Patch Released
August 28, 2002
Details and a patch have been issued a day earlier than expected for the OpenSSH security hole uncovered late last week. A vulnerability in the challenge/response authentication mechanism of the OpenSSH daemon, versions 3.3 and earlier, could allow remote superuser compromise. ISS’s advisory has more details (they actually gave the developers a few days before […]
Directory Traversal Bug in Non-Unix Apache
August 16, 2002
PivX has released details on the critical Apache security hole for which they gave a vague early warning last week. The web server is vulnerable to a directory traversal attack which can be used to execute arbitrary commands on a system using the cgi-bin. In addition, any file on the system could be read. PivX […]
MS Releases Cumulative SQL Update
August 16, 2002
Microsoft security bulletin MS02-043 features a much-needed cumulative patch for SQL Server 7.0, SQL Server 2000, MSDE 1.0 and MSDE 2000, all of which have been affected by some half a dozen security holes over the past two months. In addition to fixing all vulnerabilities addressed by earlier patches, the update repairs a new security […]
« Older Entries Newer Entries »