Bugtraq: Re: extra long URL attack

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: extra long URL attack

From: john () loverso southborough ma us (John Robert LoVerso)
Date: Sat, 11 Jan 1997 11:52:05 -0500

but this extra long URL to my site running
       Server version Stronghold/1.3 Ben-SSL/1.3 Apache/1.1.1.
will show you the raw contents of the top directory


You're was the only server (that I tried) that this worked on.  In particular,
it does not work against Apache/1.2bX sites, including:

        Server: Stronghold/2.0b1 Apache/1.2b2

John

By Date By Thread

Current thread:

not so false alarm: query cgi problem Apropos of Nothing (Jan 10)
- Re: not so false alarm: query cgi problem M Lyons (Jan 10)
- extra long URL attack strick -- henry strickland (Jan 10)
  - Re: extra long URL attack John Robert LoVerso (Jan 11)
  - Re: extra long URL attack Jyri Kaljundi (Jan 11)
  - Re: extra long URL attack M Shariful Anam (Jan 11)
  - Re: extra long URL attack Marc Slemko (Jan 11)
  - Security release: Apache 1.1.2 Brian Behlendorf (Jan 12)
  - Apache 1.1.1 overflow David Sacerdote (Jan 12)