Bugtraq mailing list archives
Re: Frotpage Extensions and Unix
From: mjastrem () THUNDER OCIS TEMPLE EDU (M.)
Date: Sat, 15 Mar 1997 14:02:32 -0500
On Mon, 10 Mar 1997, Roland Spatzenegger wrote:
has anyone ever checked the Unix Frontpage Extensions for security holes ? (Haven't found anything in the mailimglist archiv) They are distributed as binaries and run as suid root (and are from M$ .-).
We were investigating installing them here at Temple U. on the request of
a faculty member. Upon installing FP I it dawned on me that they were entirely
too messy and dangerous to use. (They also managed to take control of
99% of the CPU for a couple of hours!). Rather than risk duplication of
effort, see the following pointer for details :
http://www.mr.net/~fritchie/frontpage.html .
//Michael.
. + . ^
, \|/ michael jastremski ( mike () temple edu
* -[ ]- http://newsroom.temple.edu ) http://thunder.temple.edu/~mjastrem
. /|\ temple universe // philadelphia, USA
0 .
Current thread:
- Exploit for buffer overflow in /bin/eject - Solaris 2.X - Cristian SCHIPOR (Mar 13)
- Re: Exploit for buffer overflow in /bin/eject - Solaris 2.X - Jonathan Sturges (Mar 13)
- Re: Exploit for buffer overflow in /bin/eject - Solaris 2.X - The Nocturnal Prince (Mar 13)
- Shockwave Security Alert Aleph One (Mar 13)
- Frotpage Extensions and Unix Roland Spatzenegger (Mar 10)
- Re: Frotpage Extensions and Unix M. (Mar 15)
- Re: Shockwave Security Alert Joseph Fish (Mar 14)
- Internet Explorer Bug #4 Aaron Spangler (Mar 14)
- Internet explorer gives your NT password away! Paul Ashton (Mar 14)
- gzip security problem Aleph One (Mar 13)
- Re: Exploit for buffer overflow in /bin/eject - Solaris 2.X - Jonathan Sturges (Mar 13)
- Re: Exploit for buffer overflow in /bin/eject - Solaris 2.X - Casper Dik (Mar 14)
- <Possible follow-ups>
- Re: Exploit for buffer overflow in /bin/eject - Solaris 2.X - Casper Dik (Mar 14)