From: Pavel Kankovsky (peakargo.troja.mff.cuni.cz)
Date: Sun Jun 23 2002 - 15:14:37 CDT

    On Sat, 22 Jun 2002, Jedi/Sector One wrote:

    > I simply triggered the bug by creating a .htaccess file (so a regular user
    > can do it) with :
    >
    > SetEnv DATE_LOCALE "******************************************..."

    ap_cfg_getline() (src/main/util.c), the function used to read lines from
    configuration files, including .htaccess, is *very* suspicious. Esp.
    the second, "non-getstr" branch (used to interpret parameters of -C only?)
    but I suspect the first branch may blow up under some conditions as well.
    Of course, something evil might lurk in higher layers of the code as well.

    --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
    "Resistance is futile. Open your source code and prepare for assimilation."