WebSitePro Server Version

Impact

Most versions of O'Reilly's WebSitePro Server (httpd_32.exe) may be vulnerable to a buffer overflow attack. Version 2.4.x have been confirmed to be vulnerable. Prior versions may also be vulnerable.

Background

The Cerberus Security Team reported potential vulnerabilities in O'Reilly WebSite servers (CISADV000717).

Resolution

O'Reilly recommends that users upgrade to Version 2.5.x. Upgrades are available at http://website.oreilly.com/support/software/wsp2x_updates.cfm

Where can I read more about this?

You may read more about this vulnerability in CIS advisores