home *** CD-ROM | disk | FTP | other *** search
- November 3, 1999 - Security UPDATE Alert - Four new security risks
- were reported in the last couple of days. Georgio Guninski
- discovered another problem in IE 5.0 that allows of frame spoofing
- to occur. Microsoft has issued no comment regarding this problem.
-
- USSRLABS reported a denial of service potential with Deerfield.com's
- FTP Serv-U software. No vendor response is known at this time.
-
- Microsoft reported a problem with IIS and Site Server where an SSL
- ISAPI filter may leak plain text data under rare circumstances. A
- patch has been issued to correct the problems.
-
- Tim Adams reported a problem with IE 5.0's automatic proxy detection
- routines. Microsoft has issued a remedy for this problem.
-
- For complete details on each of the discoveries, please visit our
- Web site at the URLs listed below:
-
- - IE 5.0 Frame Spoofing
- http://www.ntsecurity.net/scripts/loader.asp?iD=/security/ie56.htm
- - IE 5.0 Proxy Detection Issue
- http://www.ntsecurity.net/scripts/loader.asp?iD=/security/ie55.htm
- - FTP Serv-U v2.5a
- http://www.ntsecurity.net/scripts/loader.asp?iD=/security/servu1.htm
- - IIS and Site Server SSL
- http://www.ntsecurity.net/scripts/loader.asp?iD=/security/iis2.htm
-
- Thanks for subscribing to Security UPDATE.
-
- Please tell your friends about this newsletter and alert list!
-
- Sincerely,
- The Security UPDATE Team
- security@ntsecurity.net
-
- =======================================================================
- TO UNSUBSCRIBE from this alert list DO NOT REPLY, instead send e-mail
- to listserv@listserv.ntsecurity.net with the words "unsubscribe
- securityupdate" in the body of the message without the quotes.
-
- TO SUBSCRIBE to this alert list, send e-mail to the same address listed
- above with the words "subscribe securityupdate anonymous" in the body
- of the message without the quotes.
- =======================================================================
- Security UPDATE is powered by LISTSERV(R) software
- http://www.lsoft.com/LISTSERV-powered.html
- =======================================================================
- Copyright (c) 1999 Duke Communications Intl. Inc. - ALL RIGHTS RESERVED
- Forwarding this email is permitted, as long as the entire message body,
- the mail header, and this notice are included.
-
-