Cerberus Information Security Advisory (CISADV000718) - A buffer overflow has been discovered in webfind.exe which comes with O'Reilly's WebSite Pro. This overflow can be exploited by an attacker to execute arbitrary code. If webfind.exe receives a search string of over 1024 bytes the stack is overwritten. A proof of concept exploit is included.
12b26b233ae8e86c75290b8e6e7d8e59ce23a84ea10e6ac5d0c3e8d5251236b9
The Cerberus Security Team has discovered that a flaw in the Carello web shopping cart enables remote attackers to vi ew .asp files on the the server's computer Affected system: Windows NT running IIS.
660eb984197ab48859340fb6d1ef3d916beb70b6534fb06bb49318f17b072048