Full Disclosure mailing list archives
Re: IPS Evasion with the Apache HTTP Server
From: Valdis.Kletnieks () vt edu
Date: Tue, 19 Jun 2007 17:03:29 -0400
On Tue, 19 Jun 2007 12:44:00 PDT, coderman said:
is there a page somewhere that details which web servers handle sloppy input? (i bet the embedded httpd's are the most resistant)
I'm tempted to take that bet. Lot of people have thrown lots of truly wild stuff at the Apache code over the years - it may react in *unexpected* ways, but it's probably pretty bulletproof. On the other hand, that little webserver admin tool that's stuffed into one corner of your DSL modem's ROM probably got tested: "Each menu goes to the page it's supposed to, if you enter an IP here it sets it, if you enter a port there it DTRT", with little to no serious abuse of the interface. I'll bet half the gear out there, the test suite never even *considered* that maybe a 0x0c should be sent, even if just for shits-n-giggles to see what happens.
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- IPS Evasion with the Apache HTTP Server H D Moore (Jun 19)
- Re: IPS Evasion with the Apache HTTP Server coderman (Jun 19)
- Re: IPS Evasion with the Apache HTTP Server Valdis . Kletnieks (Jun 19)
- Re: IPS Evasion with the Apache HTTP Server coderman (Jun 19)
- Re: IPS Evasion with the Apache HTTP Server Valdis . Kletnieks (Jun 19)
- Re: IPS Evasion with the Apache HTTP Server 3APA3A (Jun 20)
- Re: IPS Evasion with the Apache HTTP Server Jamie Riden (Jun 20)
- Re: IPS Evasion with the Apache HTTP Server 3APA3A (Jun 20)
- Re: IPS Evasion with the Apache HTTP Server H D Moore (Jun 20)
- Re: IPS Evasion with the Apache HTTP Server H D Moore (Jun 20)
- Re: IPS Evasion with the Apache HTTP Server Jamie Riden (Jun 20)
- Re: IPS Evasion with the Apache HTTP Server coderman (Jun 19)