Anti-Web HTTPD 2.2 Script Engine File Opening Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3782/info Anti-Web HTTPD is a freely available, open source web server designed for use on the Linux platform. It is maintained by Doug Hoyte. Under certain circumstances awhttpd reacts unpredictably. When a script is...

Format string bug in awhttpd (Re: [AP] awhttpd v2.2 local DoS)

Hello methodic, While testing a buffer overflow in you patch tpbuf is only 210 bytes, but you're lucky - getreqsi is only 100 bytes long : I've found classical exploitable syslog format string in this extremely secure product. Patch? - if priority=LOGLEVEL syslogtplev,buf; + if priority=LOGLEVEL...

Переполнение буфера и DoS в awhttpd (buffer overflow)

Сервер вылетает при обращении к несуществующему файлу в CGI. Переполнение кучи...

[AP] awhttpd v2.2 local DoS

-- ------------------------- -- - AngryPacket Security Advisory - -- ------------------------- -- - +--------------------- -- - + advisory information +------------------ -- - author: methodic [email protected] release date: 01/03/2002 homepage: http://sec.angrypacket.com...

[AP] awhttpd v2.2 local DoS

-- ------------------------- -- - AngryPacket Security Advisory - -- ------------------------- -- - +--------------------- -- - + advisory information +------------------ -- - author: methodic [email protected] release date: 01/03/2002 homepage: http://sec.angrypacket.com...

Buffer overflow in awhttpd (Re: Format string bug in awhttpd (Re: [AP] awhttpd v2.2 local DoS))

Hello 3APA3A, OK, format string issue exists only in proposed patch... What about this issue: There are at least 2 buffer overflows with heap corruption, tpbuf can be up to 210 characters while getreqsi is malloc100. Of cause, target file should exist... tpbuf is base dir concatenated with 100...