|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Ryan Sweat (h3xm3
swbell.net)Date: Sat Jun 22 2002 - 21:12:03 CDT
Linux doesn't seem vulnerable. Tested on both Apache/2.0.39 and
Apache/1.3.20, on Redhat 7.3 and 7.2 respectively. Error log reports
'invalid command [data], perhaps mis-spelled or defined by a module not
included in the server configuration.'
Where is the overflow taking place on OpenBsd?
-ryan
> On Sat, Jun 22, 2002 at 09:11:18PM +0200, Jedi/Sector One wrote:
> > While playing with the SetEnv directive with Apache, I noticed
that
> httpd
> > processes are dying with a signal 11 if the data stored in an
> environment
> > variable was too long.
>
> Nice bug and easy to exploit. I've attached a piece of code which
creates
> an
> .htaccess file. Requesting a directory containing this file causes all
> httpd daemons to die. Works on my OpenBSD 3.1-current.
>
> > --
> > __ /*- Frank DENIS (Jedi/Sector One) <j42-Networks.Com>
-*\
> __
> > \ '/ <a href="http://www.PureFTPd.Org/"> Secure FTP Server </a>
> \' /
> > \/ <a href="http://www.Jedi.Claranet.Fr/"> Misc. free software
</a>
> \/
>
> --
> Alexander Yurchenko (aka grange)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]