Bugtraq mailing list archives

false alarm: query cgi problem
From: apropos () sover net (Apropos of Nothing)
Date: Thu, 9 Jan 1997 20:26:38 -0500


For anyone who cares, the buffer overflow in the query cgi is not
exploitable.  This is because the exploit requires 21,000+ bytes, and the
maximum size for a URL is 1024 bytes. That is how it is defined in the RFC.


Anyway, consider yourselves lucky since that stops all attacks on query.c
based cgis. (phf, post-query, query, and maybe others have the same buffer
overflow problem).

Of course, it wouldn't hurt to make getword() et al. do bounds checking.

apropos of nothing
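
The following is an added example, not part of the original post and not the query.c code itself: one way a getword()-style tokenizer can do the bounds checking the post suggests. The name `getword_bounded`, its signature, and the assumed behaviour of the original helper (copy up to a stop character, then shift the rest of the line forward) are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical bounded variant of a getword()-style helper.
 * Assumed behaviour (not shown in the post): copy characters from `line`
 * into `word` until `stop` or end of string, then drop the token and the
 * stop character from the front of `line`.
 * Returns the token length, or -1 if the token does not fit in `word`;
 * in that case `word` is "" and `line` is untouched, so the caller can
 * reject the request instead of processing a truncated value. */
int getword_bounded(char *word, size_t word_size, char *line, char stop)
{
    size_t len = 0, skip;

    if (word == NULL || line == NULL || word_size == 0)
        return -1;

    /* Measure first: nothing is written until the token is known to fit. */
    while (line[len] != '\0' && line[len] != stop)
        len++;

    if (len >= word_size) {          /* need len bytes plus the NUL */
        word[0] = '\0';
        return -1;
    }
    memcpy(word, line, len);
    word[len] = '\0';

    /* Consume the stop character if one was found, then shift the rest. */
    skip = len + (line[len] != '\0');
    memmove(line, line + skip, strlen(line + skip) + 1);
    return (int)len;
}

int main(void)
{
    char query[] = "user=alice&note=AAAAAAAAAAAAAAAAAAAAAAAA"; /* constructed input */
    char key[8], val[8];

    while (query[0] != '\0') {
        if (getword_bounded(key, sizeof key, query, '=') < 0 ||
            getword_bounded(val, sizeof val, query, '&') < 0) {
            puts("rejected: field exceeds buffer");
            return 1;
        }
        printf("%s -> %s\n", key, val);
    }
    return 0;
}
```

The check is on the destination buffer size, so it holds regardless of how long the incoming request line is.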


