A PHP Error was encountered

Severity: 8192

Message: Methods with the same name as their class will not be constructors in a future version of PHP; Waterfall_Cache has a deprecated constructor

Filename: _common/waterfall_cache.php

Line Number: 47

A PHP Error was encountered

Severity: 8192

Message: Methods with the same name as their class will not be constructors in a future version of PHP; Cache_System has a deprecated constructor

Filename: _common/waterfall_cache.php

Line Number: 194

A PHP Error was encountered

Severity: 8192

Message: Methods with the same name as their class will not be constructors in a future version of PHP; Memcache_Cache_System has a deprecated constructor

Filename: _common/waterfall_cache.php

Line Number: 275

A PHP Error was encountered

Severity: 8192

Message: Methods with the same name as their class will not be constructors in a future version of PHP; Filesystem_Cache_System has a deprecated constructor

Filename: _common/waterfall_cache.php

Line Number: 440

A PHP Error was encountered

Severity: 8192

Message: Methods with the same name as their class will not be constructors in a future version of PHP; APC_Cache_System has a deprecated constructor

Filename: _common/waterfall_cache.php

Line Number: 628

Microsoft Plugs Another Hole in IIS

Microsoft Plugs Another Hole in IIS

By Jim Wagner (Send Email)
Posted Apr 11, 2002


Microsoft Wednesday released its latest security patch. This time the affected was bug-prone Internet Information Server's active server pages (ASP) function.

This is the second all-encompassing IIS patch released by the software giant, a company that's come under heat for repeated security breaches in its operating systems, Internet browser, and IIS applications over the years.

Microsoft Wednesday released its latest security patch. This time the affected was bug-prone Internet Information Server's active server pages (ASP) function.

The 10 vulnerabilities, found by Microsoft technicians, eEye Digital Security, Entrust Technologies, @Stakem and several private individuals, run the gamut of the hacker's handbook. Four are considered "critical" vulnerabilities that demand immediate fixes, the bulletin states.

From buffer overrun bugs to denial-of-service vulnerabilities, the widespread patch repairs breaches that can be found in IIS 4.0, IIS 5.0, and IIS 5.1. According to Microsoft officials, beta versions of its .Net Server (build 3605) software, using IIS 6.0, already have the fixes in place, but it warned against companies using the product on their intranets.

"By definition, beta products are incomplete, they're intended for evaluation purposes and shouldn't be used in production systems," the bulletin reported.

ASP is an oft-maligned technology many developers consider the main reason for Microsoft's software security woes. Unfortunately for Microsoft and its many customers, it's the linchpin behind the company's Internet/intranet and Web services, allowing Web servers to dynamically generate Web applications.

Some believe, however, it is unfair to single Microsoft out for the current security issues. Last October, the research firm Meta Group found it was partly the responsibility of systems administrators to keep up to date with patches before hackers find the affected systems.

The patch can be found here.


Related Stories:
IIS Listing and Review
IIS Vulnerability Found


Page 1 of 1


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.


 

 


Thanks for your registration, follow us on our social networks to keep up-to-date