Re: Vulnerability in NCSA HTTPD 1.3

Hannu Martikka (martikka@tele.nokia.fi)
Wed, 15 Feb 1995 02:50:56 +0200 (EET)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Tom Fitzgerald: "Re: Sendmail 8.6.9"
Previous message: Paul Robinson: "Re: IFS"
In reply to: Paul 'Shag' Walmsley: "Re: Vulnerability in NCSA HTTPD 1.3"
Next in thread: Thomas Roessler: "Re: Vulnerability in NCSA HTTPD 1.3"

On Tue, 14 Feb 1995, Paul 'Shag' Walmsley wrote:

> As Thomas implied, this particular problem can probably be fixed by
> changing line 161 of util.c from
> 
> 	char tmp[MAX_STRING_LEN];
> to
> 	char tmp[HUGE_STRING_LEN];
> 
> in NCSA's source.  We're running with the HUGE_STRING_LEN tmp now with no 
> (immediately apparent) bad side-effects (other than Thomas' hack not working 
> any more ;)
There are other similar places. At least one in http_log.c (111).
At least you could overwrite that temp-variable easily, which caused core...

- Goodi

Next message: Tom Fitzgerald: "Re: Sendmail 8.6.9"
Previous message: Paul Robinson: "Re: IFS"
In reply to: Paul 'Shag' Walmsley: "Re: Vulnerability in NCSA HTTPD 1.3"
Next in thread: Thomas Roessler: "Re: Vulnerability in NCSA HTTPD 1.3"