Bugtraq mailing list archives
Re: false alarm: query cgi problem
From: mouse () Holo Rodents Montreal QC CA (der Mouse)
Date: Fri, 10 Jan 1997 12:03:22 -0500
For anyone who cares, the buffer overflow in the query cgi is not exploitable. This is because the exploit requires 21,000+ bytes, and the maximum size for a URL is 1024 bytes. That is how it is defined in the RFC.
That doesn't necessarily mean it's not exploitable; it depends on what the web server in question does with URLs that violate the RFC. If the web server truncates, dumps the request, or something similar, you're okay - but if it is liberal in what it accepts and is willing to handle URLs 21K long, you could still be in trouble.

der Mouse
mouse () rodents montreal qc ca
7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
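
The reply's point is that the CGI is only safe if something actually enforces a length limit. The following is an added example, not part of the original post and not the query CGI's code, showing the program enforcing its own bound instead of trusting the server. It assumes the input arrives in the standard CGI variable `QUERY_STRING`; `load_query`, `QUERY_BUF` and the 1024-byte size are hypothetical names and values chosen for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define QUERY_BUF 1024  /* assumed size of the CGI's fixed buffer */

enum query_status { QUERY_OK = 0, QUERY_MISSING = -1, QUERY_TOO_LONG = -2 };

/*
 * Copy an untrusted query string into a fixed buffer, checking the length
 * here rather than assuming the web server rejected an overlong URL.
 * Overlong input is rejected, not truncated; on any failure dst is left
 * as an empty string so a caller that ignores the status sees no partial data.
 */
enum query_status load_query(char *dst, size_t dstsize, const char *src)
{
    if (dst == NULL || dstsize == 0)
        return QUERY_MISSING;
    dst[0] = '\0';
    if (src == NULL)
        return QUERY_MISSING;

    /* Look for the terminator within the first dstsize bytes only. */
    const char *nul = memchr(src, '\0', dstsize);
    if (nul == NULL)
        return QUERY_TOO_LONG;          /* string plus NUL does not fit */

    memcpy(dst, src, (size_t)(nul - src) + 1);  /* copy includes the NUL */
    return QUERY_OK;
}

/* Hypothetical CGI entry point: answer overlong input with an error status. */
int main(void)
{
    char query[QUERY_BUF];

    switch (load_query(query, sizeof query, getenv("QUERY_STRING"))) {
    case QUERY_OK:
        printf("Content-Type: text/plain\r\n\r\naccepted %lu bytes\n",
               (unsigned long)strlen(query));
        break;
    case QUERY_TOO_LONG:
        printf("Status: 414 Request-URI Too Long\r\n"
               "Content-Type: text/plain\r\n\r\nquery too long\n");
        break;
    default:
        printf("Status: 400 Bad Request\r\n"
               "Content-Type: text/plain\r\n\r\nno query\n");
        break;
    }
    return 0;
}
```

With this check in place the outcome is the same whether the server in front truncates, rejects, or passes a 21K URL through unchanged.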
Current thread:
- false alarm: query cgi problem Apropos of Nothing (Jan 09)
- <Possible follow-ups>
- Re: false alarm: query cgi problem der Mouse (Jan 10)
- Re: false alarm: query cgi problem Zygo Blaxell (Jan 10)