Domain: netcraft.co.uk
Stories and comments across the archive that link to netcraft.co.uk.
Stories · 3
-
Remote 'Root' Exploit in IIS 5.0
eEye Digital Security was doing some testing that apparently Microsoft hadn't done on its own webserver (IIS 5.0) running on its latest OS (Windows 2000, all versions). "Within a matter of minutes," they say, "a debugger kicked in on inetinfo.exe because of a 'buffer overflow error'" -- and two weeks later, we got simultaneous announcements from Microsoft and eEye. This is a remote SYSTEM-level exploit in a popular webserver, in the wild, i.e., Danger Will Robinson. eEye says about a million servers will need to be patched; it may be more. Go see Microsoft's writeup and patch. See also eEye's droll and informative writeup, which, now that an exploit is confirmed to be in the wild today, has added some source code. -
VeriSign Supporting Apache
Scott Galambos writes "Verisgn has recently accounced that it will support Apache/SSL with SSLeay for server cert[ificate]s." He also directed us to a Netcraft article as to why the sudden change in policy. Wow. Apache is seeing some real commercial backing, with this and the IBM announcement. -
Apache Still Growing
Netcraft's April Survey shows Apache is still moving up. It grew 1.06% in market share and now tops a million installations on the net (including 3 of mine). MS went up .12% and Netscape dropping .16% this month as well. Thanks to Mike Prettejohn for sending this to us.