Bugtraq mailing list archives

New Allaire Security Zone Bulletins

From: aleph1 () UNDERGROUND ORG (Aleph One)
Date: Thu, 8 Jun 2000 11:03:42 -0700


Dear Allaire Customer --

A new security issue that may affect Allaire customers has recently come to our attention. Please visit the Security 
Zone at the Allaire Web site to learn about this new issue and what actions you can take to address it:

http://www.allaire.com/security

This week we posted the following new Allaire Security Bulletin:

ADDED:

ASB00-14: Workaround available for Denial of Service attack against ColdFusion Administrator

As a Web application platform vendor, one of our highest concerns is the security of the systems our customers deploy. 
We understand how important security is to our customers, and we're committed to providing the technology and 
information customers need to build secure Web applications. Thank you for your time and consideration on this issue.

-- Security Response Team, Allaire Corporation

P.S. As a reminder, Allaire has set up an email address that customers can use to report security issues associated 
with an Allaire product: secure () allaire com

Current thread:

Re: IBM HTTP SERVER / APACHE, (continued)
- Re: IBM HTTP SERVER / APACHE H D Moore (Jun 01)
  - Re: IBM HTTP SERVER / APACHE Luke Harless (Jun 01)
  - Security Administration comes to LISA 2000 Cat Okita (Jun 01)
  - Remote DoS attack in RealServer: USSR-2000043 David Cotter (Jun 01)
  - ipx storm Jacek Lipkowski (Jun 02)
  - Microsoft Security Bulletin (MS00-032) Microsoft Product Security (Jun 02)
  - Local FreeBSD, Openbsd, NetBSD, DoS Vulnerability Ussr Labs (Aug 02)
    - Piranha password file frostman () SECUREACCESS INTRANETS COM (Jun 02)
    - Re: Piranha password file arkth (Jun 08)
    - Re: Local FreeBSD, Openbsd, NetBSD, DoS Vulnerability Alfred Perlstein (Jun 02)
    - New Allaire Security Zone Bulletins Aleph One (Jun 08)
- Re: IBM HTTP SERVER / APACHE . Hecix (Jun 02)
- Re: IBM HTTP SERVER / APACHE Marc Slemko (Jun 03)