[1513] in WWW Security List Archive
Re: Netscape security hole also exists in Website server (but no
daemon@ATHENA.MIT.EDU (Peter Trei)
Wed Feb 21 14:24:13 1996
From: "Peter Trei" <ptrei@acm.org>
To: lstein@kaa.crbm.cnrs-mop.fr, trei@ns2.rutgers.edu,
eastlake@ns2.rutgers.edu
Date: Wed, 21 Feb 1996 11:17:23 -6
Reply-to: trei@process.com
CC: www-managers@lists.stanford.edu, www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
At the risk of tooting my own horn, I'd like to say that I anticipated this attack
nearly a year ago, and Process Software's Purveyor web server (SSL
version shipping March 11) is immune to it (as well as the perl.exe?-e
attack).
> Brian Kendig writes:
> > The serious Netscape security hole which is described in the WWW Security
> > FAQ ("http://www-genome.wi.mit.edu/WWW/faqs/www-security-faq.html") also
> > exists in the O'Reilly Website web server.
[...]
> > __ __
> > | \ | | Brian Kendig, Mad Scientist /
> > | \| | Netscape Communications Corporation / *
> > | |\ | brian@netscape.com * /
> > |__| \__| Check out our support pages! *
> > http://home.netscape.com/assist/support/
Peter Trei
Senior Software Engineer
Purveyor Development Team
Process Software Corporation
http://www.process.com
trei@process.com
