Previous Security Advisories

MS ASN.1 Buffer Overflow Vulnerabilities

February 2, 2004

A high critical vulnerability was announced today by Microsoft that affect libraries which are used to process ASN.1 encoded data. ASN.1 is the standard which defines how data in digital certificates is encoded. Every application that makes use of MSASN1.DLL or CRYPT32.DLL (for digital certificates handling) is considered to be vulnerable. Some of it includes: […]

MDAC Hole Not Widespread on IIS Servers

December 3, 2003

UK Internet research firm Netcraft has released its latest web server survey for November 2002, with some interesting observations on the pervasiveness of the recently discovered MDAC vulnerability on IIS servers. Assessments by Foundstone, the security company that discovered the hole, and Microsoft had claimed millions of systems might be affected, prompting fears of attacks […]

OpenSSL susceptible to DoS attacks

November 5, 2003

Uma falha de segurança foi encontrada na biblioteca OpenSSL versão 0.9.6k durante um teste de rotina. De acordo com o boletim publicado pela Novell Inc, as aplicações que rodam na plataforma MS Windows(r) ligados dinamicamente ou estaticamente à versão vulnerável da biblioteca são consideradas vulneráveis ao ataque de Denial-of-Service. Uma falha na OpenSSL 0.9.6 causaria […]

« Older Entries   Newer Entries »