[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Hackers invade DOJ web site

To: [email protected]
Subject: Re: Hackers invade DOJ web site
From: Bill Stewart <[email protected]>
Date: Mon, 26 Aug 1996 23:24:13 -0700
Sender: [email protected]

At 08:35 PM 8/20/96 -0700, some anonym remailer user wrote:
>All webservers (except maybe Spinner?) are riddled with buffer overrun
>bugs and other similar security holes.  If you run a webserver, you
>should basically assume that anyone who really wants a shell on your
>machine can get one.  Grab your favorite webserver and grep for
>sprintf.

Fred Cohen put out an 80-line-C GET-only HTTP server which is
short enough to verify that it doesn't have security bugs
like memory leaks, etc.  It's not blazingly fast,
and all it does is server pages, but it's clean.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 [email protected]
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!

Prev by Date: Re: The POUCH
Next by Date: Re:Edited Edupage, 18 Aug 1996 [SATELLITES]
Prev by thread: Re: Hackers invade DOJ web site
Next by thread: Possible opportunity for school recruitment
Index(es):
- Date
- Thread