Sun Web server in security alert
Published: 14 Mar 2003 15:51 GMT
Security consulting company @stake on Thursday found a vulnerability in Sun Microsystems' Web server that could allow a hacker to gain control of a Web site.
The problem exists with the Netscape Web server software that works with Sun's application server, formally called iPlanet Enterprise Server.
"This is a classic stack buffer overflow, and a remote attacker can gain control of the running web server," according to the @stake alert.
Sun has issued a patch for version 6.5 of the Sun ONE Application Server, but has not written a patch for version 6.0 of the Web server.
For companies using Sun ONE Application Server version 6.0, @stake published sample code that could head off attempted hacks.
Let the editors know what you think in the Mailroom.
Did you find this article useful?
50 out of 95 people found this useful
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
