Trend Micro Pattern File June 8, 2002

Security 10918 Published by Philipp Esselbach 0

Use this version of the pattern file for all Trend Micro products running on Intel or DEC Alpha based operating systems and for products using Trend’s virus scanning API Library. Because more than 200 new viruses are discovered every month, it is strongly suggested that you update your virus pattern files regularly.

Homepage
Download

Unchecked Buffer in ASP.NET Worker Process

Security 10918 Published by Philipp Esselbach 0

ASP.NET is a collection of technologies that help developers to build web-based applications. Web-based applications, including those built using ASP.NET, rely on HTTP to provide connectivity. One characteristic of HTTP as a protocol is that it is stateless, meaning that each page request from a user to a site is reckoned an independent request. To compensate for this, ASP.NET provides for session state management through a variety of modes.

One of these modes is StateServer mode. This mode stores session state information in a separate, running process. That process can run on the same machine or a different machine from the ASP.NET application. There is an unchecked buffer in one of the routines that handles the processing of cookies in StateServer mode. A security vulnerability results because it is possible for an attacker to seek to exploit it by mounting a buffer overrun attack. A successful attack could cause the ASP.NET application to restart. As a result, all current users of the web-based application would see their current session restart and their current session information would be lost.

Read more

Trend Micro Pattern File June 4, 2002

Security 10918 Published by Philipp Esselbach 0

Use this version of the pattern file for all Trend Micro products running on Intel or DEC Alpha based operating systems and for products using Trend’s virus scanning API Library. Because more than 200 new viruses are discovered every month, it is strongly suggested that you update your virus pattern files regularly.

Homepage
Download

Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources

Security 10918 Published by Philipp Esselbach 0

To support the exchange of mail with heterogeneous systems, Exchange messages use the attributes of SMTP mail messages that are specified by RFC's 821 and 822. There is a flaw in the way Exchange 2000 handles certain malformed RFC message attributes on received mail. Upon receiving a message containing such a malformation, the flaw causes the Store service to consume 100% of the available CPU in processing the message.

A security vulnerability results because it is possible for an attacker to seek to exploit this flaw and mount a denial of service attack. An attacker could attempt to levy an attack by connecting directly to the Exchange server and passing a raw, hand-crafted mail message with a specially malformed attribute. When the message was received and processed by the Store service, the CPU would spike to 100%. The effects of the attack would last as long as it took for the Exchange Store service to process the message. Neither restarting the service nor rebooting the server would remedy the denial of service.

Read more

Previous Page

Next Page

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...