Microsoft patches ten IIS vulnerabilities
News IIS 5.1 is not vulnerable to CAN-2002-0079 chunked encoding memory or the .htr file request buffer overflow CAN-2002-0071.IIS 4.0 is not vulnerable to one of the cross-site scripting threats.The FTP status request DoS vulnerability will be...
[April 29, 2002, 13:39]
Dman
Downloads Supports simple redirection, resume on error (where possible), downloading to RAM and to VFS, automatic installing of *.prc and *.pdb databases to RAM, "Transfer-encoding: chunked" is supported, automatic filename rename if file exist.
[September 10, 2008, 21:04]
Patch now or be sorry later
News Unfortunately, in IIS 4.0 this chunked data is handled by putting it into a buffer with no upper size limit. Another day, another security hole. But for once, Microsoft blocked this Microsoft NT 4.0/Internet Information Server 4.0 hole before the...
[March 24, 2000, 11:09]
Web ripe for massive worm attack
News The situation is made worse by a worm discovered over the weekend that makes use of the Apache flaw, a vulnerability in the mechanism for handling "Chunked Encoding". The Web is currently more vulnerable to attack than ever before, as a result of...
[July 1, 2002, 12:21]
Security warning too quick for comfort?
News Both ISS and Mark Litchfield decided to study the possibility of a hole after a similar problem known as a "chunked encoding overrun" was found in early April in Microsoft's flagship Internet Information Server (IIS) Web server software.
[June 18, 2002, 9:21]
High-risk flaws in corporate security revealed
News Chunked Encoding Vulnerability in Apache: Versions of Apache prior to 1.3.26 have a vulnerability in the way they perform decoding of requests making it possible for remote attackers to cause a buffer overflow on affected systems.
[June 20, 2008, 8:17]
