Bugtraq: Re: Fixing the NCSA HTTPD 1.3

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Fixing the NCSA HTTPD 1.3

From: Dan_Thorson () notes seagate com (Dan Thorson )
Date: 14 Feb 95 14:23:54 EDT


I haven't checked everything yet, but...

Did you see the CIAC bulletin?  They only recommened the setting of 
MAX_STRING_LEN and HUGE_STRING_LEN to be equal.

Hmmm.  Perhaps they didn't see the sprintf's in log_transaction() [for example, 
in http_log.c])?

I've called CIAC & let them know.  Your fix may be more complete, but time will 
tell if it's enough.

By Date By Thread

Current thread:

Re: Fixing the NCSA HTTPD 1.3 Dan Thorson (Feb 14)