Yes, that would make sense. I suppose any other JRun vulnerabilities would also persist in Sitespring. I received some information from Macromedia tech saying that they have prevented directory browsing in Sitespring, but they are currently investigating other issues regarding the embedded Jrun right now.
BTW I have heard a lot about your company and refer to it in my class when I teach my students Flash. You guys do some great work regards, Edward Apostol developer, instructor - E-Commerce, Wireless and New Media Ryerson University Toronto, ON Canada ----- Original Message ----- From: "Dave Watts" <[EMAIL PROTECTED]> To: "JRun-Talk" <[EMAIL PROTECTED]> Sent: Thursday, December 06, 2001 12:34 PM Subject: RE: security alert, IIS and Jrun vulnerability and Macromedia Sit espring > > I am researching Macromedia's new product, Sitespring, which > > is based on the JRun Server. Would this vulnerability affect > > it and any other applications that are sold based on the JRun > > Server? > > By default, when you use Sitespring, you're using the JRun Web Server as the > front end, rather than IIS. In that case, this vulnerability doesn't affect > SiteSpring. However, if you configure the JRun Web Connector so that > Sitespring uses IIS instead of JRun Web Server, then you'd be affected, I > think. > > Dave Watts, CTO, Fig Leaf Software > http://www.figleaf.com/ > voice: (202) 797-5496 > fax: (202) 797-5444 > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
