[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] FW: Chili!Soft ASP Multiple Vulnerabilities FIX

Subject: RE: [cobalt-security] FW: Chili!Soft ASP Multiple Vulnerabilities FIX
From: "Audric Leperdi" <aleperdi@xxxxxxxxxxxxx>
Date: Thu, 22 Feb 2001 10:43:37 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

> ChiliSoft very politely returns the servers ADMIN and encrypted password
> to the browser.
You can always remove the samples virtual dirs in http.conf. (as the
security bulletin instructs)
Sorry I checked and there are no  references of the virtual dir in
http.conf. They are instead in /home/chiliasp/asp-server-3000/casp.cnfg and
they are called "applications".
It's simple: remove/comment_out those lines.


> The ChiliSoft Server Admin Password is the same as the Servers Main
> Admin aka Root.

Not true on my server (RaQ3i). Anyway you can change the casp admin password
by removing the user and recreating it immediately after using the shell
base admintool.

Audric

References:
- [cobalt-security] FW: Chili!Soft ASP Multiple Vulnerabilities
  - From: Tony

Prev by Date: RE: [cobalt-security] FW: Chili!Soft ASP Multiple Vulnerabilities
Next by Date: [cobalt-security] netstat
Previous by thread: RE: [cobalt-security] FW: Chili!Soft ASP Multiple Vulnerabilities
Next by thread: RE: [cobalt-security] FW: Chili!Soft ASP Multiple Vulnerabilitie s

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index