Cracked! To the surprise of the Macintosh Internet community, the second-generation Crack-A-Mac Web server security challenge noted in TidBITS-387 was successfully defeated last week. Unlike the first Crack-A-Mac challenge (which featured an out-of-the-box Mac Web server; see TidBITS-378), the second contest was built around a sophisticated server setup featuring third-party software for remote administration, database access, and other functions. Apparently, the successful break-in exploited a security hole in Lasso, a CGI from Blue World Communications that ties together WebSTAR and FileMaker Pro. Blue World has issued a security patch for Lasso; in addition, Pacific Coast has updated its SiteEdit products to address similar potential problems. The Crack-A-Mac challenge is up and running again, and still offering 100,000 Swedish crowns (about $12,500 U.S.) to anyone else who can break in by 15-Oct-97. [GD]

<http://hacke.infinit.se/>
<http://www.blueworld.com/>
<http://www.pacific-coast.com/>

Permanent article URL: http://db.tidbits.com/article/4093
This is a specially formatted version of this TidBITS article that removes colors, and optionally removes images; it's designed to minimize the use of ink and paper.
Unless otherwise noted, this article is copyright © 1997 TidBITS Publishing, Inc.. TidBITS is copyright © 2008 TidBITS Publishing Inc. Reuse governed by this Creative Commons License: http://www.tidbits.com/terms/.