Previous Security Advisories

Survey Reveals Vulnerable IIS Sites

July 5, 2002

The latest Netcraft Survey of web servers has indicated that 45% of IIS servers have .htr mapping enabled. Last month, Microsoft issued an advisory warning of a heap overrun vulnerability in IIS’ HTR handling which could yield remote system compromise. Since HTR is now an antiquated scripting language, the advisory recommended that it be disabled […]

Apache Worm Spotted In Wild

June 29, 2002

Security researcher Domas Mitzuas’ honeypots have caught a new Apache worm and trojan in the wild. It seems to be searching through the Internet and installing itself on systems vulnerable to the recent chunked-encoding vulnerability. Domas has set up an Apache worm webpage with the details he has collected, and you might want to follow […]

MS Patches Commerce Server Holes

June 28, 2002

Four critical remote vulnerabilities, three of which are buffer overflows, have been discovered in Microsoft Commerce Server 2000 and 2002. All of these can lead to total system compromise by an attacker. Microsoft Site Server 3.0 and Microsoft Site Server 3.0 Commerce Edition are not affected. Bulletin MS02-033 has more information and a patch.

« Older Entries   Newer Entries »