[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SunOS : web server misconfiguration

Subject: SunOS : web server misconfiguration
Date: Wed, 09 Jul 1997 13:53:06 -0700
Date: Wed, 09 Jul 1997 13:53:06 -0700
Delivery-date: Wed, 09 Jul 1997 13:55:13 -0700 (5.67b/IDA-1.4.4 for CHWONG); Wed, 9 Jul 1997 13:54:12 -0700

Some UCI systems have web servers running as "root".

While this is not a direct vulnerability in itself, it is widely
reguarded as a misconfiguration, and does allow crackers to gain root
access relatively easily.

If you have a contract with DCS, we'll be fixing this for you.

[This notice is a part of OAC's efforts to keep the campus informed of
potential computer security liabilities.  Please send any questions or
concerns to us at DCS@UCI.EDU]

Prev by Date: WIN :[Fwd: [NTSEC] GetAdmin Hotfix]
Next by Date: CERT Vendor-Initiated Bulletin VB-97.06 - Vul in Lynx Downloading
Previous by thread: WIN :[Fwd: [NTSEC] GetAdmin Hotfix]
Next by thread: CERT Vendor-Initiated Bulletin VB-97.06 - Vul in Lynx Downloading
Index(es):
- Date
- Thread