Vulnerability Development mailing list archives
RE: TTP/1.0 Remote BufferOverflow?
From: Jim Stickley <jim () garrison com>
Date: Fri, 26 Apr 2002 08:28:17 -0700
Generally when a server returns an error like the one listed below it means that it didn't buffer overflow. In most cases if you overflow the buffer, the connection will just drop.
From the looks of the error message below, the server didn't like what you
sent, but it seems to have handled it. -Jim -----Original Message----- From: Felipe Cerqueira [mailto:fcerqueira () bufferoverflow com br] Sent: Thursday, April 25, 2002 8:59 PM To: vuln-dev () security-focus com Subject: TTP/1.0 Remote BufferOverflow? TTP is a httpd server for HP Print Server Check this out: HEAD / HTTP/1.0 HTTP/1.0 200 OK Server:HTTP/1.0 Content-Type:text/html .. . GET A*lot+of+bytes HTTP/1.0 <\n\n> 500 Internal Server Error <HEAD><TITLE>500 Internal Server Error</TITLE></END> <BODY><H1>500 Internal Server Error</H1></BODY>Connection closed by foreign host someone can verify it? thankz - -- sky 7218 2AFF 6166 9692 8BAA ACA3 64E9 3941 B6E7 88E7
Current thread:
- TTP/1.0 Remote BufferOverflow? Felipe Cerqueira (Apr 26)
- <Possible follow-ups>
- TTP/1.0 Remote BufferOverflow? Felipe Cerqueira (Apr 26)
- RE: TTP/1.0 Remote BufferOverflow? Jim Stickley (Apr 26)