Bugtraq mailing list archives
Re: Frotpage Extensions and Unix
From: mjastrem () THUNDER OCIS TEMPLE EDU (M.)
Date: Sat, 15 Mar 1997 14:02:32 -0500
On Mon, 10 Mar 1997, Roland Spatzenegger wrote:
has anyone ever checked the Unix Frontpage Extensions for security holes ? (Haven't found anything in the mailimglist archiv) They are distributed as binaries and run as suid root (and are from M$ .-).
We were investigating installing them here at Temple U. on the request of a faculty member. Upon installing FP I it dawned on me that they were entirely too messy and dangerous to use. (They also managed to take control of 99% of the CPU for a couple of hours!). Rather than risk duplication of effort, see the following pointer for details : http://www.mr.net/~fritchie/frontpage.html . //Michael. . + . ^ , \|/ michael jastremski ( mike () temple edu * -[ ]- http://newsroom.temple.edu ) http://thunder.temple.edu/~mjastrem . /|\ temple universe // philadelphia, USA 0 .
Current thread:
- Exploit for buffer overflow in /bin/eject - Solaris 2.X - Cristian SCHIPOR (Mar 13)
- Re: Exploit for buffer overflow in /bin/eject - Solaris 2.X - Jonathan Sturges (Mar 13)
- Re: Exploit for buffer overflow in /bin/eject - Solaris 2.X - The Nocturnal Prince (Mar 13)
- Shockwave Security Alert Aleph One (Mar 13)
- Frotpage Extensions and Unix Roland Spatzenegger (Mar 10)
- Re: Frotpage Extensions and Unix M. (Mar 15)
- Re: Shockwave Security Alert Joseph Fish (Mar 14)
- Internet Explorer Bug #4 Aaron Spangler (Mar 14)
- Internet explorer gives your NT password away! Paul Ashton (Mar 14)
- gzip security problem Aleph One (Mar 13)
- Re: Exploit for buffer overflow in /bin/eject - Solaris 2.X - Jonathan Sturges (Mar 13)
- Re: Exploit for buffer overflow in /bin/eject - Solaris 2.X - Casper Dik (Mar 14)
- <Possible follow-ups>
- Re: Exploit for buffer overflow in /bin/eject - Solaris 2.X - Casper Dik (Mar 14)