Bugtraq mailing list archives
Using backspace in HTTP requests (Re: Securax Advisory 12)
From: Philip Stoev <philip () STOEV ORG>
Date: Wed, 3 Jan 2001 23:02:17 +0200
As people noted in the past, this seems only applicable to server administrators that use grep/tail/less/more/cat, etc. on their log files. Obviously, they are not many.

However, this issue becomes somewhat of a problem if this log file is run through a log analysis tool that preserves the backspace characters and other garbage so that they appear in its output reports. And there are people that will view this output using the above-mentioned tools, even though they will not view the logs themselves this way. An attacker with knowledge of the end output may construct malformed HTTP requests that target its layout.

I know at least one log analysis tool that seems vulnerable to such a scenario.

Philip
www stoev org

----- Original Message -----
From: "incubus" <incubus () SECURAX ORG>
To: <BUGTRAQ () SECURITYFOCUS COM>
Sent: Monday, January 01, 2001 4:51 PM
Subject: Securax Advisory 12

Topic: Remote hiding from access_log and error_log
Announced: 2000-12-28
Affects: Logfile auditing with tools that print the contents of the file to the screen.
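An added example, not part of the original post or of any tool it refers to: a log-report filter that flags lines containing control characters and shows both what a terminal would display and the neutralized raw content. The function names and the two sample log lines are constructed for illustration.

```python
import re

# C0 control characters except tab, plus DEL. Backspace is \x08.
CONTROL = re.compile(r"[\x00-\x08\x0a-\x1f\x7f]")

# Constructed sample lines (not from any real server); the second one
# carries eight raw backspace characters inside the request path.
SAMPLE = [
    '192.0.2.10 - - [03/Jan/2001:23:02:17 +0200] "GET /index.html HTTP/1.0" 200 1043\n',
    '192.0.2.66 - - [03/Jan/2001:23:02:19 +0200] "GET /private'
    + "\b" * 8 + '/public  HTTP/1.0" 404 205\n',
]

def neutralize(line):
    """Replace every control character with a visible \\xNN escape."""
    return CONTROL.sub(lambda m: "\\x%02x" % ord(m.group()), line)

def as_terminal_shows(line):
    """Approximate what cat/tail/more display: backspace moves the cursor
    left, carriage return moves it to column 0, later text overwrites."""
    cells, col = [], 0
    for ch in line:
        if ch == "\b":
            col = max(col - 1, 0)
        elif ch == "\r":
            col = 0
        else:
            if col < len(cells):
                cells[col] = ch
            else:
                cells.append(ch)
            col += 1
    return "".join(cells)

def audit(lines):
    """Return (line_no, displayed, neutralized) for each line containing
    control characters, so a report can emit the neutralized form."""
    findings = []
    for n, raw in enumerate(lines, 1):
        raw = raw.rstrip("\n")
        if CONTROL.search(raw):
            findings.append((n, as_terminal_shows(raw), neutralize(raw)))
    return findings

if __name__ == "__main__":
    for n, shown, safe in audit(SAMPLE):
        print(f"line {n}\n  terminal shows: {shown}\n  raw content:    {safe}")
```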