In a message dated 8/24/01 12:01:16 AM Eastern Daylight Time, [EMAIL PROTECTED] writes: > Fw: AOLserver 3.0 AOLserver 3.0 vulnerability The 3.0 vulnerability refers to a buffer overflow error that can be the focus of a DOS attack. The error occurs while parsing the authorization header; the buffer is created on the stack in ParseAuth() and is potentially overflowed in Ns_HtuuDecode(). This was reported and patched (thanks to Adam Zell!) for the 3.4pre1 release. Jay Ridgeway AOL Local Technologies
