Cumulative Patch for Internet Information Service

SPI Labs and NSFocus have discovered multiple holes in IIS. Two denial-of-service conditions exist that can allow an attacker to cause IIS to stop responding. One cross-site scripting issue exists in the 302 redirection pages, and one buffer overflow allows command execution as the web server user. The buffer...

Apache Pre 2.0.46 Denial of Service

Below is a snippet from the Apache advisory. Apache 2.0.46 Major changes Security vulnerabilities closed since Apache 2.0.45 *) SECURITY [CAN-2003-0245]: Fixed a bug that could be triggered remotely through mod_dav and possibly other mechanisms, causing an Apache child process to crash. The crash was first reported by David Endler and was...

Sun One Application Server Multiple vulnerabilities

SPI Labs has identified four issues in the popular Sun One application server: source code theft, log evasion, cross-site scripting, and plaintext administrative password storage. Sun One Multiple Issues

IIS Security and Programming Countermeasures e-book released

Jason Coombs has released this 440-page e-book on IIS security and secure programming. Worth a read if you run IIS on a production system.