AppleShare IP 6.3.2 Shuts Security Hole
Apple Computer has released AppleShare IP 6.3.2, a minor but important update designed to fix a potential security problem in the Web server module of AppleShare IP 6.1 and later. The security problem works as follows: HTTP clients such as Web browsers can ask for either an entire page at a time or a range of data. If a client asks for an invalid range of data from a Web page, AppleShare IP’s Web server may return up to 32K of the contents of RAM (which could, of course, contain anything that’s being worked on at the time). The free update requires AppleShare IP 6.3.1 and Mac OS 9.0.4 (so make sure you upgrade to those versions before trying to install), and is a 1.1 MB download.