TUCoPS :: Macintosh :: ashare2.htm

AppleShare IP 6.3.2 returns extra data when invalid range request made 
Vulnerability

    AppleShare

Affected

    AppleShare IP 6.3.2

Description

    Deepquest found following.  AppleShare  IP Web & File 6.3.2  fixes
    a potential  security problem  in the  Web server  in versions  of
    AppleShare IP  6.1 and  later.   When an  invalid range request is
    made to the Web  server by a client  computer, the Web server  can
    return an extra 32 kilobytes (kb) of data.

    res Mac OS  9.0.4 or sort  of (If you  have a Macintosh  Server G4
    with Mac OS 9.0.3 installed, you do not need to upgrade to Mac  OS
    9.0.4.).

Solution

    Upgrade to AppleShare IP Web & File 6.3.2.  Details & Patch:

        http://asu.info.apple.com/swupdates.nsf/artnum/n11670

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH