Linux doesn't seem vulnerable. Tested on both Apache/2.0.39 and Apache/1.3.20, on Redhat 7.3 and 7.2 respectively. Error log reports 'invalid command [data], perhaps mis-spelled or defined by a module not included in the server configuration.' Where is the overflow taking place on OpenBsd? -ryan > On Sat, Jun 22, 2002 at 09:11:18PM +0200, Jedi/Sector One wrote: > > While playing with the SetEnv directive with Apache, I noticed that > httpd > > processes are dying with a signal 11 if the data stored in an > environment > > variable was too long. > > Nice bug and easy to exploit. I've attached a piece of code which creates > an > .htaccess file. Requesting a directory containing this file causes all > httpd daemons to die. Works on my OpenBSD 3.1-current. > > > -- > > __ /*- Frank DENIS (Jedi/Sector One) <j@42-Networks.Com> -*\ > __ > > \ '/ <a href="http://www.PureFTPd.Org/"> Secure FTP Server </a> > \' / > > \/ <a href="http://www.Jedi.Claranet.Fr/"> Misc. free software </a> > \/ > > -- > Alexander Yurchenko (aka grange)
This archive was generated by hypermail 2b30 : Sat Jun 22 2002 - 22:14:48 PDT