Important security information regarding Server3

Joe Sirott Joe.Sirott at noaa.gov
Thu Apr 26 10:00:10 PDT 2007


Hi,

It would be very helpful to those of us who develop servers if more 
information about the exploit was released. Just the general nature of 
the attack, not details (of course).

Rumor has it that the attack exploited a command execution 
vulnerability. So any OPeNDAP server, even one implemented as a Java 
servlet, is potentially vulnerable to a similar style of attack as long 
as the server uses command line arguments derived from user input to run 
executable programs on the backend (like GDS and FDS).

- Joe
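
An added illustration of the pattern this message describes, not part of the original post and not code from any OPeNDAP server: a Java handler that builds a backend command line from a request parameter, with the unsafe form beside a hardened one. The executable path, data root, `dataset` parameter and allowlist are all assumptions.

```java
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Arrays;
import java.util.List;
import java.util.regex.Pattern;

public class BackendCommand {
    // Hypothetical locations; a real server would read these from its configuration.
    static final Path DATA_ROOT = Paths.get("/srv/data").toAbsolutePath().normalize();
    static final String BACKEND = "/usr/local/bin/backend-tool"; // hypothetical executable

    // Allowlist for the request parameter: letters, digits, '_', '.', '/' and '-',
    // starting with a letter or digit so the value can never be read as an option.
    static final Pattern SAFE = Pattern.compile("[A-Za-z0-9][A-Za-z0-9_./-]{0,254}");

    // Unsafe pattern: user input is pasted into one string that a shell parses,
    // so shell metacharacters in the input change which command runs.
    static List<String> unsafeCommand(String dataset) {
        return Arrays.asList("/bin/sh", "-c", BACKEND + " " + dataset);
    }

    // Hardened pattern: validate, confine to DATA_ROOT, and pass the value as a
    // single argv element with no shell in between.
    static List<String> safeCommand(String dataset) {
        if (dataset == null || !SAFE.matcher(dataset).matches()) {
            throw new IllegalArgumentException("rejected dataset name");
        }
        Path resolved = DATA_ROOT.resolve(dataset).normalize();
        if (!resolved.startsWith(DATA_ROOT)) {
            throw new IllegalArgumentException("dataset outside data root");
        }
        return Arrays.asList(BACKEND, resolved.toString());
    }

    public static void main(String[] args) {
        // Constructed sample inputs, not taken from any real request log.
        String[] samples = { "sst/2007/april.nc", "sst/../../etc/passwd",
                             "a.nc; echo x", "-o/tmp/x" };
        for (String s : samples) {
            try {
                // A real handler would pass this list to new ProcessBuilder(argv).start().
                System.out.println("accept " + safeCommand(s));
            } catch (IllegalArgumentException e) {
                System.out.println("reject \"" + s + "\" (" + e.getMessage() + ")");
            }
        }
    }
}
```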


