[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Serous TUX 2.4.9-J5 problem



On Thursday 20 September 2001 10:42 am, Nathan G. Grennan wrote:
[Chop]
>I restarted Tux fresh and telneted to port 80 and pasted the line in and
> sure enough it instantly crashed. I believe the line I used was:
>
> GET /scripts /..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0

Apache 1.3.20 (and presumably earlier) has a similar bug. I noticed this 
during the recent worming. It may be related to Tux's problem. Here's how to 
reproduce it in Apache:

1) You need to redirect 404s to a 404 document:
ErrorDocument 404 /fourofour.shtml
2) You need be parsing that file:
AddHandler server-parsed .shtml
3) You need to send it a request like:
http://server.com/test%2fing

Apache will Segfault and you'll get a "Document returned no data error" in 
the browser.

-Jeff





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []