Archive for July, 2002
Remote Overflow Found In PHP Parser
July 22, 2002
A serious vulnerability has been discovered in versions 4.2.0 and 4.2.1 of PHP, a popular scripting language that is used to power millions of web sites. The parser which handles the headers of HTTP POST requests has a buffer overflow which can be exploited remotely or locally for priviliged system access, even through a firewall. [...]
N-Stealth in Privacy Defended
July 9, 2002
N-Stealth HTTP Security Scanner is in Privacy Defended. Privacy Defended is a comprehensive book that melds detailed, how-to information on PC software, hardware and operating system security within the context of protecting one’s privacy in a digital world. It is designed for individuals who are serious about their privacy and who also want an accessible, [...]
Survey Reveals Vulnerable IIS Sites
July 5, 2002
The latest Netcraft Survey of web servers has indicated that 45% of IIS servers have .htr mapping enabled. Last month, Microsoft issued an advisory warning of a heap overrun vulnerability in IIS’ HTR handling which could yield remote system compromise. Since HTR is now an antiquated scripting language, the advisory recommended that it be disabled [...]
