4D Inc. has released an update to WebSTAR V to fix a security problem discovered with Macs whose hard drives have been formatted using the Macintosh Extended Hierarchical File System (HFS+) — the standard volume format for Mac OS X. The update prevents the WebSTAR V Web server software from being used to retrieve hidden file contents from within Web site folders.
A similar security problem was fixed with Apple’s
December Security Update, released earlier this month, though that specifically focused on the Apache Web server software included with Mac OS X. Security company NetSec Inc. then
issued a warning
that the HFS+ exploit was still present in Mac OS X configurations running Web servers other than Apache, such as WebSTAR.
software is a popular commercial server package for Mac OS X that incorporates dynamic Web site hosting support, database publishing, file service, e-mail service and other capabilities with an easy-to-use graphical front-end. The security update is available for download from
4D’s Web site.