Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 12 Apr 1995 19:18:43 -0400 (EDT)
From:      Network Coordinator <nc@ain.charm.net>
To:        freebsd-security@FreeBSD.org, freebsd-questions@FreeBSD.org
Subject:   httpd - security problem? (question, not a statement)
Message-ID:  <Pine.BSF.3.91.950412191639.621A-100000@ain.charm.net>

Next in thread | Raw E-Mail | Index | Archive | Help

I remember reading somewhere that there is a bug in a number of port 80 
daemons that would allow someone to gain root access remotely through it. 
I know there is a bug when using httpd with Satan v1.0 (well, for as much 
as a I trust CERT), but when not running Satan, is there any harm in 
letting cern_httpd v3.0 run in standalone (full-time) mode [as root, no 
less].

Any ideas on securing up a system would be greatly appreciated.

Thanks,

Jerry.



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.950412191639.621A-100000>