Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Vulnerability in Glimpse HTTP
From: oliverf () SILENCE SECNET COM (Oliver Friedrichs)
Date: Wed, 9 Jul 1997 13:00:07 -0600


On Tue, 8 Jul 1997, Paul Phillips wrote:

They are...

  ^ (acts as pipe under some shells)
 \n (acts as shell delimeter)
  \ (in the esc_chars version of the function, this allows \; to
     be escaped as \\;, then unescaped by shell into \; again.)

This should be somewhat distrubing as a rather fearful number of
people have read that document and only a very few have actually
noticed these oversights.  I certainly hope the majority of programmers

This is true, however in the context of this particular bug (Glimpse) this
isn't the case.  The reason for this being that open() in perl does not
honour these escape characters.

- Oliver

 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
   Secure Networks Incorporated.  Calgary, Alberta, Canada, (403) 262-9211



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault