AOH :: Macintosh :: ASHARE2.HTM

AOH :: Macintosh :: ASHARE2.HTM
AppleShare IP 6.3.2 returns extra data when invalid range request made

Vulnerability

    AppleShare

Affected

    AppleShare IP 6.3.2

Description

    Deepquest found following.  AppleShare  IP Web & File 6.3.2  fixes
    a potential  security problem  in the  Web server  in versions  of
    AppleShare IP  6.1 and  later.   When an  invalid range request is
    made to the Web  server by a client  computer, the Web server  can
    return an extra 32 kilobytes (kb) of data.

    res Mac OS  9.0.4 or sort  of (If you  have a Macintosh  Server G4
    with Mac OS 9.0.3 installed, you do not need to upgrade to Mac  OS
    9.0.4.).

Solution

    Upgrade to AppleShare IP Web & File 6.3.2.  Details & Patch:

        http://asu.info.apple.com/swupdates.nsf/artnum/n11670

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better). Site design & layout copyright © 1986-2009 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.