Bugtraq mailing list archives

Re: extra long URL attack

From: shuman () triton kaifnet com (M Shariful Anam)
Date: Sun, 12 Jan 1997 01:24:30 +0600


On Fri, 10 Jan 1997, strick -- henry strickland wrote:

i've always wondered how safe it was to count on nobody seeing
past your index.html -- now i know.  I wonder if some varient


It returns "document contains no data" on Linux 1.2.13 and 2.0.25 with
apache 1.2b

But, returns the htdocs index on a Digital Unix w/ Apache 1.1.x

---
 M Shariful Anam                              <shuman () kaifnet com>

                Kaifnet Services -- Bangladesh

Current thread:

not so false alarm: query cgi problem Apropos of Nothing (Jan 10)
- Re: not so false alarm: query cgi problem M Lyons (Jan 10)
- extra long URL attack strick -- henry strickland (Jan 10)
  - Re: extra long URL attack John Robert LoVerso (Jan 11)
  - Re: extra long URL attack Jyri Kaljundi (Jan 11)
  - Re: extra long URL attack M Shariful Anam (Jan 11)
  - Re: extra long URL attack Marc Slemko (Jan 11)
  - Security release: Apache 1.1.2 Brian Behlendorf (Jan 12)
  - Apache 1.1.1 overflow David Sacerdote (Jan 12)
  - AIX for PowerPC exploit Georgi Guninski (Jan 12)