6 matches found
Anti-Web HTTPD 2.2 Script Engine File Opening Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3782/info Anti-Web HTTPD is a freely available, open source web server designed for use on the Linux platform. It is maintained by Doug Hoyte. Under certain circumstances awhttpd reacts unpredictably. When a script is...
[AP] awhttpd v2.2 local DoS
-- ------------------------- -- - AngryPacket Security Advisory - -- ------------------------- -- - +--------------------- -- - + advisory information +------------------ -- - author: methodic [email protected] release date: 01/03/2002 homepage: http://sec.angrypacket.com...
[AP] awhttpd v2.2 local DoS
-- ------------------------- -- - AngryPacket Security Advisory - -- ------------------------- -- - +--------------------- -- - + advisory information +------------------ -- - author: methodic [email protected] release date: 01/03/2002 homepage: http://sec.angrypacket.com...
Buffer overflow in awhttpd (Re: Format string bug in awhttpd (Re: [AP] awhttpd v2.2 local DoS))
Hello 3APA3A, OK, format string issue exists only in proposed patch... What about this issue: There are at least 2 buffer overflows with heap corruption, tpbuf can be up to 210 characters while getreqsi is malloc100. Of cause, target file should exist... tpbuf is base dir concatenated with 100...
Переполнение буфера и DoS в awhttpd (buffer overflow)
Сервер вылетает при обращении к несуществующему файлу в CGI. Переполнение кучи...
Format string bug in awhttpd (Re: [AP] awhttpd v2.2 local DoS)
Hello methodic, While testing a buffer overflow in you patch tpbuf is only 210 bytes, but you're lucky - getreqsi is only 100 bytes long : I've found classical exploitable syslog format string in this extremely secure product. Patch? - if priority=LOGLEVEL syslogtplev,buf; + if priority=LOGLEVEL...