Previous Security Advisories

New version of Apache fixes security holes

July 20, 2003

Version 2.0.47 of Apache has been released and is principally a security and bug fix release. Of particular note is that 2.0.47 addresses four security vulnerabilities: Certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one could result in the weak ciphersuite being used […]

Continuous attacks against IIS 5.0

July 14, 2003

1) Description: A buffer overflow in a ntdll.dll function can be exploited through the WEBDAV service of IIS 5.0.This vulnerability is currently been widely exploited in the Internet. 2) Impact: Arbitrary execution of commands remotely in the operational system. 3) Fixes: If it is possible, disable the WebDAV service by setting the registry key below […]

Critical Vulnerability in IIS 5.0

March 18, 2003

IIS 5.0 gives the attacker full control of your system. Compromised systems should be removed from the network, analyzed and rebuilt with care. Worms can be written to exploit this vulnerability and patching is critically important. According to reports by CNET, intruders are actively exploiting this vulnerability. Also, according to an article on MSNBC.com, the […]

« Older Entries   Newer Entries »