Previous Security Advisories
MS ASN.1 Buffer Overflow Vulnerabilities
February 2, 2004
A high critical vulnerability was announced today by Microsoft that affect libraries which are used to process ASN.1 encoded data. ASN.1 is the standard which defines how data in digital certificates is encoded. Every application that makes use of MSASN1.DLL or CRYPT32.DLL (for digital certificates handling) is considered to be vulnerable. Some of it includes: […]
MDAC Hole Not Widespread on IIS Servers
December 3, 2003
UK Internet research firm Netcraft has released its latest web server survey for November 2002, with some interesting observations on the pervasiveness of the recently discovered MDAC vulnerability on IIS servers. Assessments by Foundstone, the security company that discovered the hole, and Microsoft had claimed millions of systems might be affected, prompting fears of attacks […]
OpenSSL susceptible to DoS attacks
November 5, 2003
Uma falha de segurança foi encontrada na biblioteca OpenSSL versão 0.9.6k durante um teste de rotina. De acordo com o boletim publicado pela Novell Inc, as aplicações que rodam na plataforma MS Windows(r) ligados dinamicamente ou estaticamente à versão vulnerável da biblioteca são consideradas vulneráveis ao ataque de Denial-of-Service. Uma falha na OpenSSL 0.9.6 causaria […]
« Older Entries Newer Entries »