Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

NSCA HTTPd Security Hole

Send Article to a Friend

John T. Chapman <jtc1@cornell.edu> writes:

A number of postings have shown up recently regarding an Edupage article on 21-Feb-95. This article suggests that there is a security hole in "Mosaic," which could lead to destruction of a number of Web sites.

http://www.educom.edu/edupage.old/edupage.95/ edupage-02.21.95

Unfortunately, this article is somewhat inaccurate: the security weakness lies in the NCSA HTTPd server software (version 1.3) for Unix Web servers. The client software (Mosaic or otherwise) is not responsible for any security problems; in addition, this problem does not affect Macintosh Web servers like MacHTTP.

For more information, check out NCSA's Web page; there is also a link to a patch for the code and a patched pre-compiled binary version. The URL is:

http://hoohoo.ncsa.uiuc.edu/docs/patch_ desc.html

 

PDFpen and PDFpenPro 7 make PDF editing easy. Review and mark up
your PDFs, fill and sign forms, and even export PDFs to Word format.
Signing is now easier, you can view the OCR text layer, and more.
Try editing your PDFs today! <http://smle.us/pdfpen-7-tb>