Date: Wed, 12 Apr 1995 19:18:43 -0400 (EDT) From: Network Coordinator <nc@ain.charm.net> To: freebsd-security@FreeBSD.org, freebsd-questions@FreeBSD.org Subject: httpd - security problem? (question, not a statement) Message-ID: <Pine.BSF.3.91.950412191639.621A-100000@ain.charm.net>
next in thread | raw e-mail | index | archive | help
I remember reading somewhere that there is a bug in a number of port 80 daemons that would allow someone to gain root access remotely through it. I know there is a bug when using httpd with Satan v1.0 (well, for as much as a I trust CERT), but when not running Satan, is there any harm in letting cern_httpd v3.0 run in standalone (full-time) mode [as root, no less]. Any ideas on securing up a system would be greatly appreciated. Thanks, Jerry.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.950412191639.621A-100000>