|
Interestingly enough, the URL is ALMOST correct... the actual URL for IBM web server "efix" information is: http://www-4.ibm.com/software/webservers/appserv/efix.html Note the lowercase "w" in "webservers". Perusal of this page doesn't list the problem indicated in the email. There is a list of known WebSphere security issues at: http://www-4.ibm.com/software/webservers/security.html Joe > -----Original Message----- > From: Joe Pluta [mailto:joepluta@PlutaBrothers.com] > Sent: Thursday, July 05, 2001 10:56 PM > To: MIDRANGE-L@midrange.com > Subject: RE: WebSphere/VisualAge CSS Vulnerability - Lotus Domino CSS > Vulnerability > > > I tried it... couldn't get it to fail. The URL for the "vendor > confirmation" is bogus, and the "attack" just causes a typical > 404 error. This is with the original IBM HTTP server, it might > fail with the Apache HTTP server. Someone might want to try it. > > Joe +--- | This is the Midrange System Mailing List! | To submit a new message, send your mail to MIDRANGE-L@midrange.com. | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: david@midrange.com +---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
