|
Search tenon.com
Thanks to:
|
|
WebTen
Re: Apache Vulnerability in WebTen
On Monday 24 June 2002 11:50 am, you wrote:
> Is the only vulnerability that it opens the server to a DOS attack, or are
> there other vulnerabilities? I'm getting mixed signals from the referenced
> documents. By "execute arbitrary code" does that mean they can turn my web
> server into a spam sender or something? Or what else?
It means they can assume "root" (read 'god' of all server ops) on the machine
in question - of course that's mostly moot for OS9 - but they could get some
access to what to the httpd server does, and, I suppose upload and execute
some scripts.
I personally wouldn't worry about it too much - it's not as if your a "high
profile" site such as yahoo or something - It's also more of a vulnerability
for Unix/windows machine, which, though there is an internel bash shell in
webten, you cannot do much with it, other then erase stuff-
Back up your box.
--
Robert Brandtjen
--------------------------------------
Web Site Creation and Hosting Services
Hostmaster@xxxxxxxxxxxxxxxxxxx
www.prometheusmedia.com
|
| Tenon Home |
Products |
Order |
Contact Us |
About Tenon |
Register |
Tech Support |
Resources |
Press Room |
Mailing Lists |
|
Copyright©2003 Tenon Intersystems, 232 Anacapa Street, Suite 2A, Santa Barbara,
CA 93101. All rights reserved.
Questions about our website - Contact:
webmaster@tenon.com.
|
|
