Microsoft

IIS bug could keep users from receiving services

Are you using IIS? The Exterminator has news you won't want to miss. Plus, you'll find updates on Sun and Red Hat issues.


Exterminator puts the squeeze on bugs!
Every Friday, Ed Engelking brings you his insight on bug fixes, virus recovery, service release announcements, and security notices for Windows, Novell, and other systems.

Microsoft Security Bulletin (MS00-018)Regarding: Internet Information Server 4.0 (IIS)
Date posted: March 20, 2000
Patch URL:Click here for the X86 patch
Patch URL:Click here for the Alpha patch

Microsoft announced on March 20 that it has identified a bug within Internet Information Server 4.0. According to Microsoft, the bug allows a user to block an enormous amount of data on a server, thus keeping the server from performing useful work. Only after the user has closed his or her session would the memory be released, allowing the server to return to normal operation. For more information, visit Microsoft’s Web site .

Microsoft Security Bulletin (MS00-017)Regarding: Windows 95, Windows 98, and Windows 98 SE
Date posted: March 16, 2000
Patch URL:Click here for Windows 95 patch
Patch URL:Click here for Windows 98 patch

Microsoft announced on March 16 that it has found a bug within the Windows 95, 98, and 98 SE operating systems. According to Redmond, the bug results from the way the operating systems parse filenames. If a read or write is performed to a path whose name contains a reserved DOS device name, the operating system will attempt to access invalid resources, causing the system to crash. For more information, visit Microsoft’s Web site .

Sun Microsystems issuesRegarding: Netscape Enterprise Server 3.x
Date posted: March 17, 2000
Patch URL: No known patch at this time.
Information URL: Click here for more information

SecurityFocus.com reports that there is vulnerability within the Netscape Enterprise Server 3.x. If a user requests a URL with a Web Publishing tag, that user can view content within the root directory, as well as browse subdirectories. There is no known patch for this vulnerability at this time.

Linux issuesRegarding: Red Hat 6.1, 6.1 sparc, 6.1 i386, 6.1 alpha
Date posted: March 9, 2000
Solution URL:Click here for a solution

SecurityFocus.com reports that there is vulnerability within the X11 printer configuration tool known as printtool, which was shipped with Red Hat Linux and possibly other Linux distributions. When configuring a printer using the program, permissions for the printer are set to world-readable. It is then possible to access the printer share password, since it is stored in the world-readable file. For more information, visit SecurityFocus.com .

The only good bug is a patched bug!
Have you found a new bug or discovered a nifty little software patch? We’re interested in what you know! Post your findings below or feel free to send us a note.

 

Editor's Picks

Free Newsletters, In your Inbox