NSCA HTTPd Security Hole
John T. Chapman <[email protected]> writes:
A number of postings have shown up recently regarding an Edupage article on 21-Feb-95. This article suggests that there is a security hole in "Mosaic," which could lead to destruction of a number of Web sites.
http://www.educom.edu/edupage.old/edupage.95/ edupage-02.21.95
Unfortunately, this article is somewhat inaccurate: the security weakness lies in the NCSA HTTPd server software (version 1.3) for Unix Web servers. The client software (Mosaic or otherwise) is not responsible for any security problems; in addition, this problem does not affect Macintosh Web servers like MacHTTP.
For more information, check out NCSA’s Web page; there is also a link to a patch for the code and a patched pre-compiled binary version. The URL is: