NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Various (Microsoft, SGI, Debian, SuSE)> 2000-q3

Subject: IMPORTANT: Spectra Security Notice
From: SecurityZoneallaire.com
Date: Mon Sep 11 2000 - 11:40:20 CDT

Next message: Michael Stone: "[SECURITY] New version of libpam-smb released"
Previous message: Microsoft Product Security: "Microsoft Security Bulletin (MS00-066)"
Maybe reply: SecurityZoneallaire.com: "IMPORTANT: Spectra Security Notice"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dear Allaire Customer --

New security issues that may affect Allaire customers have recently come to our attention. Please visit the Security Zone at the Allaire Web site to learn about these new issues and what actions you can take to address them:

http://www.allaire.com/security

This week we posted the following new Allaire Security Bulletins:

ADDED:

ASB00-24: Microsoft (MS00-060): Patch Available for "IIS Cross-Site Scripting" Vulnerabilities
  Affects:
    Microsoft Internet Information Server 4.0
    Microsoft Internet Information Server 5.0

ASB00-25: Microsoft (MS00-063): Patch Available for "Invalid URL" Vulnerability
  Affects:
    Microsoft Internet Information Server 4.0
    Microsoft Internet Information Server 5.0

Security Best Practices Article: Evaluating the Risks of Allowing Uploading and of Attached Files on Your Server (Article 17407)
  Affects:
    ColdFusion (all editions)

As a Web application platform vendor, one of our highest concerns is the security of the systems our customers deploy. We understand how important security is to our customers, and we're committed to providing the technology and information customers need to build secure Web applications. Thank you for your time and consideration on this issue.

-- Security Response Team, Allaire Corporation

P.S. As a reminder, Allaire has set up an email address that customers can use to report security issues associated with an Allaire product: secureallaire.com

======================================================================================
Allaire respects the Web and the privacy of those who use it. If you do not
want to receive any future messages from Allaire please forward this email to
removeallaire.com with the subject "REMOVE".
======================================================================================

Next message: Michael Stone: "[SECURITY] New version of libpam-smb released"
Previous message: Microsoft Product Security: "Microsoft Security Bulletin (MS00-066)"
Maybe reply: SecurityZoneallaire.com: "IMPORTANT: Spectra Security Notice"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]