Vulnerability Development mailing list archives

Re: Are NULL pointer deref a security problem ?

From: zeno <bugtraq () cgisecurity net>
Date: Fri, 7 Dec 2001 11:43:09 -0500 (EST)

Hey,

I was the first person to report the error but didn't understand
the entire reason as to why it was happening until I saw this in the upgrade file
. I think it was either
code red or nimda when it hit my machine with this configuration
would cause childs to segfault. It never caused the main pid to die
so if a issue exists its not root but instead user www or nobody.

- zeno

From http://www.apache.org/dist/httpd/CHANGES_1.3 :


8< -------------------------------------------------------------------------------------------

Changes with Apache 1.3.21

[snip]

  *) ErrorDocument 404 pointing to a parsed html file with a
     <!--#include virtual="file" --> with a request URI containing
     %2f would result in a segfault (NULL pointer deref, not a
     security problem).  [Jeff Moe <tux () themoes org>, Dean Gaudet] PR#8362

8< -------------------------------------------------------------------------------------------

Nicolas Gr?goire

Current thread:

Are NULL pointer deref a security problem ? Nicolas Gregoire (Dec 07)
- <Possible follow-ups>
- Re: Are NULL pointer deref a security problem ? zeno (Dec 07)
- Fwd: re: Are NULL pointer deref a security problem ? Nicolas Gregoire (Dec 11)