Security Hole In Netscape's Web Server?

Genny Engel gen at stubbs.ucop.edu
Wed Sep 20 06:06:28 EDT 1995


On Tue, 19 Sep 1995 slavko at kean.ucs.mun.ca wrote:

> This morning (tuesday) there was a news story on Canada's national
> news network describing a security hole in Netscape's Web server which
> made it possible for someone to break into your host in about a minute.
> The story also stated that a secure version of Netscape's server would
> be available in a about a week. As soon as I heard the story I dialed into
> my host and shut down the web server. I don't plan on bringing it up 
> until the secure version is installed. I am surprised that this story
> has not reached this newsgroup. Any comments?
> 

If you go to Netscape's server at http://www.netscape.com you can get 
info about updating your software.  They have a pretty obvious link named 
"Security Hole" or some such.

Evidently the security hole allows people to see what information is 
transmitted; from what I read, it didn't look like it allowed them to do 
damage such as changing files on your server.

Genny Engel
gen at dla.ucop.edu


More information about the Web4lib mailing list