[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] Chili!Soft ASP is not vulnerable to the Code Red Worm
- Subject: [cobalt-security] Chili!Soft ASP is not vulnerable to the Code Red Worm
- From: John Brock <john.brock@xxxxxxx>
- Date: Wed, 08 Aug 2001 10:19:45 -0700
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hello all,
It has been brought to our attention here at Chili!Soft, that there is
some concern over the use of Chili!Soft ASP on a Cobalt server, and the
Code Red worm that is growing to become so famous.
We would like to let everyone know that in no way does Chili!Soft ASP
use ISAPI modules on a Linux server, or on any flavor of Unix for that
matter.
The "Code Red" exploit only works on Windows servers using IIS.
Chili!Soft ASP is implemented in the native language of whichever web
server we are associated with. Thus for Apache, we use an Apache
Module, for Netscape, we use an NSAPI module, etc....
Chili!Soft ASP does not rely on FrontPage Server Extensions in any way.
It
will only run .asp or .asa files according to the rules of ASP.
I am not aware of what API or protocol, FrontPage extensions use to
communicate. This is something that you would need to talk to Microsoft
or Ready To Run (the company that provides FPSE for Unix/Linux) about.
I hope that these facts help you feel a little bit better about the
environment that you are running within.
If there are any specific questions that anyone has in regards to the
Chili!Soft ASP product, please feel free to drop an e-mail to either
chili.eval@xxxxxxx or chili.info@xxxxxxx and someone from Chili!Soft
will
get back to you directly.
Best regards,
--jb
--
John "JB" Brock
The Cook
Chili!Soft Product Management Team
Sun Microsystems