Previous Security Advisories

Microsoft Releases IIS Security Alert/ Update

November 4, 2002

Microsoft has issued a security bulletin addressing ten vulnerabilities in IIS versions 4 through 5.1. Three of these holes are marked as critical – they range from remote buffer overflows to denial of service and cross-site-scripting. We highly recommend all IIS administrators download this immediately since exploits are already available for several of these vulnerabilities.

New Cumulative Patch for IIS

October 31, 2002

Microsoft has issued a new roll-up patch for Internet Information Server 4.0 through 5.1 in security bulletin MS02-062. The update includes all previously released fixes for IIS; in addition, it also patches four new vulnerabilities. Most of these holes are low to moderate risk issues – none of them allow remote command execution or system […]

Multiple XSS Bugs in PHPNuke

October 16, 2002

Seven new cross-site scripting vulnerabilities have been discovered in PHPNuke 6.0, a popular content management system used to power tens of thousands of web sites. Most of these issues could lead to the compromise of a site user’s cookies, which would give an attacker the ability to log-in as the victim. Two of the scripting […]

« Older Entries   Newer Entries »