Previous Security Advisories

More on the Apache Vulnerability

June 18, 2002

CERT has issued advisory CA-2002-17 covering the remote DoS and code execution security hole in Apache web servers, which run 56% of the Internet’s web sites according to the latest Netcraft survey. Numerous reactions to the vulnerability, particularly the way ISS disclosed it before notifying the Apache organization, have been sprouting up all over the […]

Remote Apache Vulnerability Announced

June 17, 2002

A remote vulnerability has been discovered in the Apache HTTP server, versions up to 1.3.24 and 2.0 through 2.0.36 for both Windows and *nix. The hole is in routines which deal with invalid requests encoded using chunked encoding, which is enabled by default. A maliciously crafted request could lead to denial of service or possibly […]

Microsoft Issues IIS & RAS Security Alerts

June 16, 2002

Two more MS security advisories have been issued for today. The first and most critical: a buffer overflow has been discovered in Microsoft IIS web servers – this time in the ISAPI extension that handles HTR scripting. On IIS 4.0 an attacker would be able to gain complete control of the server, while 5.0’s HTR […]

« Older Entries   Newer Entries »