BUGS and FIXES
- 19 August, 1998 17:16
Netscape has posted patches for most of its server products to guard against the "Million Question" vulnerability. This bug enables a single encrypted Secure Sockets Layer (SSL) network conversation to be recorded and decrypted. The company says the following products are especially vulnerable: Enterprise Servers using SSL to protect data being sent across the Internet; Proxy Servers in secure reverse proxy mode; and Messaging and Collabra servers that are run exclusively in SSL mode via an unprotected network. If you are using a Netscape server product, go to (help.netscape.com/products/server/ssldiscovery/ index.html) to download the appropriate patch.
Enterprise server 3.01
If you had been using Netscape FastTrack Server 2.01 and have upgraded to Netscape Enterprise Server 3.01, you may find that you have lost the capability to password protect certain directories.
Netscape says you will need to adjust the Access Control List for each directory that you want to protect.
Sample code to do this is available at: (help.netscape.com/kb/server/980707-12.html).