|
Search tenon.com
Thanks to:
|
|
WebTen
Re: Apache Vulnerability in WebTen
On Mon, 24 Jun 2002, Ed Pastore wrote:
> > By now most of you have probably see the recent CERT Advisory about
> > an Apache Vulnerability:
> > http://www.cert.org/advisories/CA-2002-17.html
>
> Is the only vulnerability that it opens the server to a DOS attack, or are
> there other vulnerabilities? I'm getting mixed signals from the referenced
> documents. By "execute arbitrary code" does that mean they can turn my web
> server into a spam sender or something? Or what else?
Ed,
By "execute arbitrary code", we mean exactly that -- any code that a
hacker thinks up can be executed. So, in short, the answer to your
question is "yes".
> I too cannot turn on Squid without encountering multiple serious problems,
> so need to know the extent of my vulnerability until I can move to a new
> server (a slow process, as it is still in budgeting, and as I have a lot of
> learning to do beforehand).
What are these "multiple serious problems" that you are experiencing with
Squid on?
Thanks,
Erik.
--
Erik Lotspeich Lead Engineer
Tenon Intersystems erik@xxxxxxxxx
1123 Chapala Street Ste 200 805-963-6983
Santa Barbara, CA 93101-3142 http://www.tenon.com/
|
| Tenon Home |
Products |
Order |
Contact Us |
About Tenon |
Register |
Tech Support |
Resources |
Press Room |
Mailing Lists |
|
Copyright©2003 Tenon Intersystems, 232 Anacapa Street, Suite 2A, Santa Barbara,
CA 93101. All rights reserved.
Questions about our website - Contact:
webmaster@tenon.com.
|
|
