Arising a serious flaw in Macromedia products

Macromedia has just released a patch for three security vulnerabilities in its enterprise server product line - Flash Media Server, Breeze Communication Server / Live Server and Contribute Publishing Server.

According to Secunia's warning, the above vulnerabilities allow hackers to initiate a denial-of-service attack on the affected computer system. The vulnerability is classified as "average" by Secunia.

The vulnerability in Macromedia Flash Media Server affects versions from 1.0 to 1.5, and may cause the server to be unstable or suspended . Vulnerability in Macromedia Breeze Communication Server / Live Server (part of Macromedia's Web conferencing and communication software package) opens up the opportunity to attack DoS (denial of service attacks) on the system when installing versions Breeze from 4x to 5x.

The third flaw, and also the last flaw, affects Macromedia Contribute Publishing Server, allowing hackers to steal sensitive information from the system. The cause of this error stems from the weak user password encryption algorithm and connection key in the FTP login credential proxy sharing mechanism.

The three flaws are security flaws that follow a serious flaw in the upgrade. Macromedia Flash Player 7.0.19.0 (including older versions), once allowed hackers to hack into millions of computers.

VH - (eWeek)