[3718] in WWW Security List Archive
Re: Frontpage/Apache/BSDI
daemon@ATHENA.MIT.EDU (Andrew J. Hoag)
Thu Dec 5 17:10:18 1996
From: "Andrew J. Hoag" <ahoag@nas.nasa.gov>
Date: Thu, 5 Dec 1996 10:54:34 -0800
In-Reply-To: "Sheen Yap" <sheen@spin.net.au>
"Frontpage/Apache/BSDI" (Dec 5, 7:04pm)
To: "Sheen Yap" <sheen@spin.net.au>
Cc: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
On Dec 5, 7:04pm, Sheen Yap wrote:
> Subject: Frontpage/Apache/BSDI
> Hi,
>
> I was wondering where can I find information
> regarding security issues relating to the
> installation of MS Frontpage Extensions to an
> Apache 1.1.1 server running on BSD/OS 2.1.
>
> The server is used by an ISP hosting subscribers'
> home pages.
Scott Fritchie at MRNet did an excellent rant on the problems with MS Frontpage
(and he has pointer to other info about it as well), including an exploit.
Check out:
http://www.mr.net/~fritchie/frontpage.html
for the goods.
--
| Andrew Hoag | MS 258-6 | Voice: (415) 604-4972 |
| Network Engineer | Moffett Field, CA 94035 | Fax: (415) 604-4377 |
| High-Speed LAN +------------------------+---+--------------------+
| NAS Facility | http://www.gac.edu/~ahoag/ | ahoag@nas.nasa.gov |
--
