WebApp Sec mailing list archives
Re: Is this exploitable?..
From: Peter Conrad <conrad () tivano de>
Date: Thu, 16 Dec 2004 16:54:04 +0100
Hi, Am Mittwoch, 15. Dezember 2004 23:42 schrieb Benjamin Livshits:
It looks like responseString obtained from req is forgeable and this may conceivably lead to a vulnerability down the line, it seems, when responseString is output with a call to out.print(responseString).
please explain in what way the responseString is "forgeable". Yes, it does include all the original request headers. That's the point of a TRACE request. out.print() will write the *body* of the response, if that's what worries you. Bye, Peter -- Peter Conrad Tel: +49 6102 / 80 99 072 [ t]ivano Software GmbH Fax: +49 6102 / 80 99 071 Bahnhofstr. 18 http://www.tivano.de/ 63263 Neu-Isenburg Germany
Current thread:
- Is this exploitable?.. Benjamin Livshits (Dec 16)
- Re: Is this exploitable?.. Peter Conrad (Dec 20)
- RE: Is this exploitable?.. Benjamin Livshits (Dec 20)
- Re: Is this exploitable?.. Peter Conrad (Dec 20)
- RE: Is this exploitable?.. Benjamin Livshits (Dec 20)
- Re: Is this exploitable?.. Stephen de Vries (Dec 20)
- Re: Is this exploitable?.. Tim (Dec 20)
- Re: Is this exploitable?.. Peter Conrad (Dec 20)