Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 18 Apr 1995 18:20:20 -0400 (EDT)
From: (John Fieber)
To: (Network Coordinator)
Subject:   Re: httpd - security problem? (question, not a statement)
Message-ID:  <>
In-Reply-To: <> from "Network Coordinator" at Apr 12, 95 07:18:43 pm

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Network Coordinator writes:
> I remember reading somewhere that there is a bug in a number of port 80 
> daemons that would allow someone to gain root access remotely through it. 
> I know there is a bug when using httpd with Satan v1.0 (well, for as much 
> as a I trust CERT), but when not running Satan, is there any harm in 
> letting cern_httpd v3.0 run in standalone (full-time) mode [as root, no 
> less].

There was a bug in the NCSA http server which has since been
fixed.  I'm not currently aware of any problems with the CERN


=== ================================================
=================================== Come up and be a kite!  --K. Bush ===

Want to link to this message? Use this URL: <>