Bugtraq mailing list archives
Re: Vulnerability in NCSA HTTPD 1.3
From: ckd () loiosh kei com (Christopher Davis)
Date: Thu, 16 Feb 1995 13:03:43 -0500
RMH> == Robert M Haas <rhaas () cygnus arc nasa gov> ckd> CERN's httpd seems to be a bit smarter about this sort of thing, but ckd> it's SO huge that even if they have only 10% as many bugs per K, ckd> they're worse than NCSA. RMH> Are there known bugs in CERN's httpd? Is there a buglist? If so I RMH> would appreciate a copy... I don't know of any bugs in CERN's httpd, and I haven't seen a buglist. I just noted the huge difference in code size (it's a very coarse metric, I know, but I find it a useful rule of thumb). RMH> I'm running CERN's httpd chroot'd, figuring that gives me a little RMH> room for error. Am I kidding myself? Probably not. At least chroot() will help matters somewhat. ObBug1: wn/0.97a and earlier has the same problem as NCSA httpd. Get 0.98. ObBug2: Netscape doesn't like the WWW-Link http header on images; it'll show a broken image instead. wn will emit this header. I #ifdef'ed it out for now (and reported the bug to Netscape Communications).
Current thread:
- Vulnerability in NCSA HTTPD 1.3 Thomas Lopatic (Feb 13)
- Re: Vulnerability in NCSA HTTPD 1.3 Paul 'Shag' Walmsley (Feb 13)
- Re: Vulnerability in NCSA HTTPD 1.3 Christopher Davis (Feb 14)
- Re: Vulnerability in NCSA HTTPD 1.3 Robert M. Haas (Feb 14)
- Re: Vulnerability in NCSA HTTPD 1.3 Christopher Davis (Feb 16)
- Re: Vulnerability in NCSA HTTPD 1.3 Christopher Davis (Feb 14)
- Fixing the NCSA HTTPD 1.3 Thomas Lopatic (Feb 14)
- Re: Fixing the NCSA HTTPD 1.3 Paul 'Shag' Walmsley (Feb 15)
- Re: Fixing the NCSA HTTPD 1.3 Rens Troost (Feb 15)
- Re: Fixing the NCSA HTTPD 1.3 Paul 'Shag' Walmsley (Feb 15)
- For NCSA Http_1.05a Everett F Batey WA6CRE (Feb 15)
- Sendmail 8.6.9 Nathan Lawson (Feb 14)
- Re: Sendmail 8.6.9 Perry E. Metzger (Feb 14)
- Re: Sendmail 8.6.9 Tom Fitzgerald (Feb 14)
- Re: Sendmail 8.6.9 Perry E. Metzger (Feb 15)
- Re: Vulnerability in NCSA HTTPD 1.3 Paul 'Shag' Walmsley (Feb 13)