Author Archive
Critical Buffer Overflow in Windows Clients & Servers
November 20, 2002
Microsoft has released security bulletin MS02-065 to address a very serious vulnerability affecting both Windows PCs and servers. A buffer overflow exists in Microsoft Data Access Components, which is installed on Windows XP, 2000, and Me by default and also comes with several applications for NT 4.0. By sending a malformed HTTP request to an […]
Denial of Service Hole in Linksys Router
November 7, 2002
An easily exploitable denial of service vulnerability has been found in one of the most popular makes of cable/DSL routers. The Linksys 4-port EtherFast router, model number BEFSR41, can be crashed by merely accessing the Gozilla.cgi script with a blank request (for example, “http://192.168.0.1/Gozilla.cgi?”). However, this attack only works if the remote management interface is […]
Microsoft Releases IIS Security Alert/ Update
November 4, 2002
Microsoft has issued a security bulletin addressing ten vulnerabilities in IIS versions 4 through 5.1. Three of these holes are marked as critical – they range from remote buffer overflows to denial of service and cross-site-scripting. We highly recommend all IIS administrators download this immediately since exploits are already available for several of these vulnerabilities.
« Older Entries Newer Entries »
