WebApp Sec mailing list archives
Re: Is this exploitable?..
From: Peter Conrad <conrad () tivano de>
Date: Thu, 16 Dec 2004 16:54:04 +0100
Hi, Am Mittwoch, 15. Dezember 2004 23:42 schrieb Benjamin Livshits:
It looks like responseString obtained from req is forgeable and this may conceivably lead to a vulnerability down the line, it seems, when responseString is output with a call to out.print(responseString).
please explain in what way the responseString is "forgeable". Yes, it does
include all the original request headers. That's the point of a TRACE request.
out.print() will write the *body* of the response, if that's what worries you.
Bye,
Peter
--
Peter Conrad Tel: +49 6102 / 80 99 072
[ t]ivano Software GmbH Fax: +49 6102 / 80 99 071
Bahnhofstr. 18 http://www.tivano.de/
63263 Neu-Isenburg
Germany
Current thread:
- Is this exploitable?.. Benjamin Livshits (Dec 16)
- Re: Is this exploitable?.. Peter Conrad (Dec 20)
- RE: Is this exploitable?.. Benjamin Livshits (Dec 20)
- Re: Is this exploitable?.. Peter Conrad (Dec 20)
- RE: Is this exploitable?.. Benjamin Livshits (Dec 20)
- Re: Is this exploitable?.. Stephen de Vries (Dec 20)
- Re: Is this exploitable?.. Tim (Dec 20)
- Re: Is this exploitable?.. Peter Conrad (Dec 20)