Bugtraq mailing list archives
Re: Vulnerability in Glimpse HTTP
From: oliverf () SILENCE SECNET COM (Oliver Friedrichs)
Date: Wed, 9 Jul 1997 13:00:07 -0600
On Tue, 8 Jul 1997, Paul Phillips wrote:
They are... ^ (acts as pipe under some shells) \n (acts as shell delimeter) \ (in the esc_chars version of the function, this allows \; to be escaped as \\;, then unescaped by shell into \; again.) This should be somewhat distrubing as a rather fearful number of people have read that document and only a very few have actually noticed these oversights. I certainly hope the majority of programmers
This is true, however in the context of this particular bug (Glimpse) this isn't the case. The reason for this being that open() in perl does not honour these escape characters. - Oliver - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Secure Networks Incorporated. Calgary, Alberta, Canada, (403) 262-9211
Current thread:
- Vulnerability in Glimpse HTTP Razvan Dragomirescu (Jul 02)
- Re: Vulnerability in Glimpse HTTP Brian Gentry (Jul 02)
- Re: Vulnerability in Glimpse HTTP Jean-Christophe Touvet (Jul 03)
- Re: Vulnerability in Glimpse HTTP Paul Phillips (Jul 08)
- Re: Vulnerability in Glimpse HTTP Oliver Friedrichs (Jul 09)
- CERT Vendor-Initiated Bulletin VB-97.05 - Vul in Lynx Temporary Nicolas Dubee (Jan 01)
- Re: Vulnerability in Glimpse HTTP Martin Pool (Jul 10)
- It's not over yet. Aleph One (Jul 11)
- It's not over yet. Manley, Jim W (Jul 11)
- More information about JavaScript bug Dominick Matthias PN OIL 6 (Jul 11)
- new post SP3 hotfix: lm-fix Alex Libenson (Jul 12)
- Minor PGP vulnerability Harald Weidner (Jul 15)
- GetAdmin - Hotfix silent release ? Olivier Gerschel (Jul 16)
- Re: Minor PGP vulnerability Lucky Green (Jul 16)
- CERT Advisory CA-97.21 - SGI Buffer Overflow Vulnerabilities Aleph One (Jul 17)
- Re: Vulnerability in Glimpse HTTP Brian Gentry (Jul 02)