Vulnerability Development mailing list archives
Re: Another flaw in Apache?
From: Alexander Yurchenko <grange () rt mipt ru>
Date: Sun, 23 Jun 2002 04:07:57 +0400
On Sat, Jun 22, 2002 at 09:11:18PM +0200, Jedi/Sector One wrote:
While playing with the SetEnv directive with Apache, I noticed that httpd processes are dying with a signal 11 if the data stored in an environment variable was too long.
Nice bug and easy to exploit. I've attached a piece of code which creates an .htaccess file. Requesting a directory containing this file causes all httpd daemons to die. Works on my OpenBSD 3.1-current.
-- __ /*- Frank DENIS (Jedi/Sector One) <j () 42-Networks Com> -*\ __ \ '/ <a href="http://www.PureFTPd.Org/"> Secure FTP Server </a> \' / \/ <a href="http://www.Jedi.Claranet.Fr/"> Misc. free software </a> \/
-- Alexander Yurchenko (aka grange)
Attachment:
htx.c
Description:
Current thread:
- Another flaw in Apache? Jedi/Sector One (Jun 22)
- Re: Another flaw in Apache? Jedi/Sector One (Jun 22)
- Re: Another flaw in Apache? Michal Zalewski (Jun 22)
- Re: Another flaw in Apache? Jedi/Sector One (Jun 22)
- Re: Another flaw in Apache? Alexander Yurchenko (Jun 22)
- RE: Another flaw in Apache? Ryan Sweat (Jun 22)
- Re: Another flaw in Apache? Michal Zalewski (Jun 22)
- Re: Another flaw in Apache? Jedi/Sector One (Jun 23)
- Re: Another flaw in Apache? Filipe Jorge Marques de Almeida (Jun 23)
- Re: Another flaw in Apache? Jedi/Sector One (Jun 23)
- Message not available
- Re: Another flaw in Apache? Filipe Almeida (Jun 23)
- Re: Another flaw in Apache? Alexander Yurchenko (Jun 23)
- Re: Another flaw in Apache? Jedi/Sector One (Jun 23)
- Re: Another flaw in Apache? Michal Zalewski (Jun 23)
- Re: Another flaw in Apache? Michal Zalewski (Jun 23)