DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG-RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=42613>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=42613

           Summary: issues while parsing long values in .htaccess
           Product: Apache httpd-1.3
           Version: HEAD
          Platform: Other
        OS/Version: OpenBSD
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Auth/Access
        AssignedTo: [email protected]
        ReportedBy: [EMAIL PROTECTED]

Apache httpd fails to properly parse a long input coming from .htaccess directives.

And this is how I found it: I've put AuthName with a very long value into my .htaccess file. In the error_log, httpd reported the following:

/var/www/htdocs/_files_/aaa/.htaccess: Invalid command 'AAAAAAA (and loads of As after this)

After a certain amount of padding chars httpd started to treat the string as a new directive. And when its value was long enough (still in the same line) it began to treat it as a new directive again from a certain character. All in one line, as a value of AuthName.

Can't say if it happens to other directives as well (I'd say so, though I didn't give it a try) and what's the impact on the security.

Please have a look at the following website with a sample (working) PoC:

URL: http://cepter.net/misc/htaccess

Server version: Apache/1.3.37 (Unix)
Server built: Feb 21 2007 19:08:11

Haven't tried this on Apache HTTPD 2.0.

Regards
--
Peter
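
One mechanism that produces the behaviour described in the report is a line reader with a fixed-size buffer that hands the overflow back as the next line; that this is the cause in httpd 1.3 is an assumption, not something the report confirms. The C program below is an added example, not code from the report or from httpd, showing that failure mode next to a reader that rejects the over-long line whole. The names LINE_BUF, make_sample, known and parse, the 64-byte limit and the sample file contents are all constructed for the illustration.

```c
#include <stdio.h>
#include <string.h>
#define LINE_BUF 64 /* constructed demo limit, not httpd's real buffer size */

/* Constructed sample: AuthName with value_len 'A's, then one normal line. */
static FILE *make_sample(int value_len) {
    FILE *f = tmpfile();
    if (!f) return NULL;
    fputs("AuthName \"", f);
    for (int i = 0; i < value_len; i++) fputc('A', f);
    fputs("\"\nAuthType Basic\n", f);
    rewind(f);
    return f;
}

/* Stand-in for the directive table: only these two names are known. */
static int known(const char *s) {
    return strncmp(s, "AuthName ", 9) == 0 || strncmp(s, "AuthType ", 9) == 0;
}

/* Returns how many chunks would be reported as invalid commands.
 * strict == 0: every fgets() chunk is parsed as a line, so the tail of an
 *              over-long line turns into further "directives".
 * strict != 0: a full buffer with no newline is a truncated line; the rest
 *              of that physical line is skipped and counted in *too_long. */
static int parse(FILE *f, int strict, int *too_long) {
    char buf[LINE_BUF];
    int bad = 0, c;
    *too_long = 0;
    while (fgets(buf, sizeof buf, f)) {
        size_t n = strlen(buf);
        if (strict && n == sizeof buf - 1 && buf[n - 1] != '\n') {
            (*too_long)++;
            while ((c = getc(f)) != EOF && c != '\n') { }
            continue;
        }
        if (!known(buf)) bad++;
    }
    return bad;
}

int main(void) {
    FILE *a = make_sample(200), *b = make_sample(200);
    int long_a, long_b;
    if (!a || !b) return 1;
    int naive = parse(a, 0, &long_a), strict = parse(b, 1, &long_b);
    printf("naive: %d invalid; strict: %d invalid, %d too long\n", naive, strict, long_b);
    return 0;
}
```

The strict branch is conservative: a line that fills the buffer exactly is rejected even if it is the last, unterminated line of the file.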
