Macromedia has recently released a patch for three security vulnerabilities in its enterprise server product line – Flash Media Server, Breeze Communication Server/Live Server, and Contribute Publishing Server.
According to a warning from Secunia, these vulnerabilities allow hackers to launch denial-of-service (DoS) attacks on the affected computer systems. Secunia has rated these vulnerabilities as having a “medium” severity level.
The vulnerability in Macromedia Flash Media Server affects versions from 1.0 to 1.5 and could cause the server to become unstable or crash. The vulnerability in Macromedia Breeze Communication Server/Live Server (part of Macromedia’s web communication and conferencing software suite) presents an opportunity for DoS attacks on systems running Breeze versions from 4x to 5x.
The third and final vulnerability impacts Macromedia Contribute Publishing Server, allowing hackers to steal sensitive information from the system. This flaw arises from a weak password encryption algorithm and poor connection keys in the FTP login credential sharing mechanism.
These three vulnerabilities are a continuation of security issues following a serious flaw in the Macromedia Flash Player 7.0.19.0 upgrade (including older versions), which previously allowed hackers to infiltrate millions of computers.
VH – (eWeek)
