Recent versions of this modestly popular web server have been shown tobe vulnerable to a simple DoS through the sample cgi script testcgi.exe.
Sambar's developer recommends that users remove this sample applicationfrom any production servers. As a rule, vendor supplied samples of allsorts should be removed from all production machines (i.e. ones exposedto potentially hostile networks). Several other recent, minor securityissues with the Sambar server are also documented on the developer'ssecurity page.
More info at: http://www.sambar.com/security.htm