Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq: Re: NSCA HTTPD (for Windows) bug.

Re: NSCA HTTPD (for Windows) bug.

From: Niall Smart <njs3_at_DOC.IC.AC.UK>
Date: Fri, 8 May 1998 18:14:35 +0100

On May 8, 1:33am, Renos wrote:
} Subject: NSCA HTTPD (for Windows) bug.

> Since the server is not for commercial use the bug doesn't seem to be
> serious. A fix would be to re-define MAX_STRING_LEN to a much bigger
> number. As far as I know the Server Administrator cannot re-define
> MAX_STRING_LEN.

Increasing MAX_STRING_LEN is *not* a fix; it is necessary to add
bounds checking code to the parser to ensure that the buffer cannot
be overflowed.

Niall
Received on May 08 1998

This message: [ Message body ]
Next message: der Mouse: "Re: 3Com switches - undocumented access level."
Previous message: Aleph One: "Re: 3Com switches - undocumented access level."
Maybe in reply to: Renos: "NSCA HTTPD (for Windows) bug."
Next in thread: Jonathan A. Zdziarski: "BSDI 3.1/Squid Default Owner"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]