Archive for June, 2002
Apache Worm Spotted In Wild
June 29, 2002
Security researcher Domas Mitzuas’ honeypots have caught a new Apache worm and trojan in the wild. It seems to be searching through the Internet and installing itself on systems vulnerable to the recent chunked-encoding vulnerability. Domas has set up an Apache worm webpage with the details he has collected, and you might want to follow [...]
MS Patches Commerce Server Holes
June 28, 2002
Four critical remote vulnerabilities, three of which are buffer overflows, have been discovered in Microsoft Commerce Server 2000 and 2002. All of these can lead to total system compromise by an attacker. Microsoft Site Server 3.0 and Microsoft Site Server 3.0 Commerce Edition are not affected. Bulletin MS02-033 has more information and a patch.
Remote Hole Reported in OpenSSH
June 25, 2002
A remote vulnerability in OpenSSH, a widely-used open source SSH server, has been announced on numerous security mailing lists. Specifics or proof-of-concept exploits have not been provided yet, as the discoverers are giving vendors a chance to come up with patches by the end of this week. What we know is this: all versions of [...]
