WebSTAR Update Patches Vulnerabilities -- 4D, Inc. has released version 5.3.3 of its 4D WebSTAR Web, email, and FTP server suite to address reported vulnerabilities and add other enhancements. The update is free to all licensed WebSTAR V owners. WebSTAR versions 5.3.2 and earlier have a stack overflow vulnerability in their FTP service that could allow an attacker to gain administrative privileges by sending a long FTP command; a sample script included with WebSTAR could allow directory indexing of any directory on the server; and the Web server component could allow an attacker to download the php.ini files that might contain sensitive information such as the account name and password used by PHP to communicate with databases. All WebSTAR server administrators should update their servers to the latest version. 4D says the upgrade also offers improved spam filtering, with the addition of IP address whitelisting and the capability to filter messages pre-tagged with SpamAssassin headers. [MHA]
Viewing Wi-Fi Details in Snow Leopard
In Snow Leopard, hold down the Option key before clicking the AirPort menu. Doing so reveals additional technical details including which standards, speeds, and frequencies you're using to connect, as well as what's in use by other networks. With the Option key held down and with a network already joined, the AirPort menu reveals seven pieces of information: the PHY Mode, the MAC (Media Access Control) address, the channel and band in use, the security method that's in use, the RSSI (Received Signal Strength Indication) measurement, the transmit rate, and the MCS Index. In Leopard, some, but not all, of these details are revealed by Option-clicking the AirPort menu.