Skip to content
Thoughtful, detailed coverage of everything Apple for 33 years
and the TidBITS Content Network for Apple professionals
Log In
John T. Chapman

NSCA HTTPd Security Hole

John T. Chapman <[email protected]> writes:

A number of postings have shown up recently regarding an Edupage article on 21-Feb-95. This article suggests that there is a security hole in "Mosaic," which could lead to destruction of a number of Web sites.

http://www.educom.edu/edupage.old/edupage.95/ edupage-02.21.95

Unfortunately, this article is somewhat inaccurate: the security weakness lies in the NCSA HTTPd server software (version 1.3) for Unix Web servers. The client software (Mosaic or otherwise) is not responsible for any security problems; in addition, this problem does not affect Macintosh Web servers like MacHTTP.

For more information, check out NCSA’s Web page; there is also a link to a patch for the code and a patched pre-compiled binary version. The URL is:

http://hoohoo.ncsa.uiuc.edu/docs/patch_ desc.html

Subscribe today so you don’t miss any TidBITS articles!

Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For over 33 years, we’ve published professional, member-supported tech journalism that makes you smarter.

Registration confirmation will be emailed to you.

This site is protected by reCAPTCHA. The Google Privacy Policy and Terms of Service apply.