Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the best-selling Take Control ebooks.

NSCA HTTPd Security Hole

John T. Chapman <jtc1@cornell.edu> writes:

A number of postings have shown up recently regarding an Edupage article on 21-Feb-95. This article suggests that there is a security hole in "Mosaic," which could lead to destruction of a number of Web sites.

http://www.educom.edu/edupage.old/edupage.95/ edupage-02.21.95

Unfortunately, this article is somewhat inaccurate: the security weakness lies in the NCSA HTTPd server software (version 1.3) for Unix Web servers. The client software (Mosaic or otherwise) is not responsible for any security problems; in addition, this problem does not affect Macintosh Web servers like MacHTTP.

For more information, check out NCSA's Web page; there is also a link to a patch for the code and a patched pre-compiled binary version. The URL is:

http://hoohoo.ncsa.uiuc.edu/docs/patch_ desc.html

 

PDFpen is your Swiss Army knife for PDFs. Slice and dice with tools
for reviewing, editing, signing, redacting, and exporting to Word.
With v.8 use digital signatures, and view file & audio attachments.
Solve your PDF dilemmas, try PDFpen. <http://smle.us/pdfpen8-tb>