I'm just wondering if anyone has a collection of this kind of things we can run on apache 2.0 to see if we handle them.. (I'm volunterring to run them if someone can point me to them) ..Ian > -----Original Message----- > From: William A. Rowe, Jr. [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, June 13, 2001 4:16 PM > To: [EMAIL PROTECTED] > Subject: Re: Bugtraq ID 2503 : Apache Artificially Long Slash Path > Directory Listing Exploit (fwd) > > > > Date: Wed, 13 Jun 2001 02:44:35 -0500 > > From: Matt Watchinski <[EMAIL PROTECTED]> > > To: [EMAIL PROTECTED] > > Subject: Bugtraq ID 2503 : Apache Artificially Long Slash > Path Directory > > Listing Exploit > > > > #!/usr/bin/perl > > # > > # farm9, Inc. (copyright 2001) > > # > > # Name: Apache Artificially Long Slash Path Directory > Listing Exploit > > # Author: Matt Watchinski > > # Ref: SecurityFocus BID 2503 > > # > > # Affects: Apache 1.3.17 and below > > # Tested on: Apache 1.3.12 running on Debian 2.2 > > As Mark points out, this is no longer an issue, and on Win32, > it wasn't tripped > until you get to about 8180 characters. On pre-1.3.14, you > needed a special character > in the path to trip it on Win32. Any which way, we are at > 1.3.20 with no reoccurance > on any platform, for any reason. > > The patch I've been hacking to 2.0's directory walk+path info > code already handles > the 'error condition' v.s. the 'not found' condition > properly. Feel free to try > proving me wrong once it's committed. > > Bill >
