Re: WebObjects App Open To Hackers - So I'm Told
Re: WebObjects App Open To Hackers - So I'm Told
- Subject: Re: WebObjects App Open To Hackers - So I'm Told
- From: "Jonathan Fleming" <email@hidden>
- Date: Thu, 03 Jul 2003 18:58:51 +0100
OK guys I hear what you are all saying so i'm going to give you the address
in question live:
http://217.65.164.40/cgi-bin/WebObjects.dll/JandM.woa/1/wa/Terms
Is this address a sucrity issue?
Kind regards
Jonathan :^/
Ps. sorry for posting to every list but this is quite important to clear up.
From: "Jonathan Fleming" <email@hidden>
To: email@hidden, email@hidden,
email@hidden
Subject: WebObjects App Open To Hackers - So I'm Told
Date: Thu, 03 Jul 2003 18:21:18 +0100
Recently I got onto the deployment side of WebObjects and my app is running
nice and fluently, but a Microsoft engineer got word to me through a mutual
friend that my app is fully open to hackers as it shows the complete path
to the cgi-bin through the exposed ip address eg.:
http://nnn.nn.nnn.nn/cgi-bin/WebObjects.dll/Murray.woa/1/wa/Terms
Aparently with such an exposed address a hacker has everything they need to
get into the source and grab what they like... is this true? If so how do I
overcome this open error. By the way I'm not up on my serverside stuff very
well at all, in fact I'm only just learning it since deploying with
WebObjects so I may need some layman explanations.
Kind regards
Jonathan :^|
_________________________________________________________________
Find a cheaper internet access deal - choose one to suit you.
http://www.msn.co.uk/internetaccess
_______________________________________________
webobjects-deploy mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/webobjects-deploy
Do not post admin requests to the list. They will be ignored.
_________________________________________________________________
Find a cheaper internet access deal - choose one to suit you.
http://www.msn.co.uk/internetaccess
_______________________________________________
webobjects-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/webobjects-dev
Do not post admin requests to the list. They will be ignored.