Hackers invade DOJ web site

Bill Stewart stewarts at ix.netcom.com
Tue Aug 27 01:54:56 PDT 1996


At 08:35 PM 8/20/96 -0700, some anonym remailer user wrote:
>All webservers (except maybe Spinner?) are riddled with buffer overrun
>bugs and other similar security holes.  If you run a webserver, you
>should basically assume that anyone who really wants a shell on your
>machine can get one.  Grab your favorite webserver and grep for
>sprintf.

Fred Cohen put out an 80-line-C GET-only HTTP server which is
short enough to verify that it doesn't have security bugs
like memory leaks, etc.  It's not blazingly fast,
and all it does is server pages, but it's clean.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 	Reassign Authority!







More information about the cypherpunks-legacy mailing list