Vulnerability Development mailing list archives
Problems in Apache 1.3.22
From: Kerozene <kerozene () phreaker net>
Date: Thu, 7 Mar 2002 15:20:04 -0300
Hackemate Labs - Advisory http://hackemate.com.ar research This test was done in an Apache 1.3.22 with PHP/4.0.6 Installed in Windows 98 Second Edition: When you make the next request, it takes you to the index of the site, the main page, as if you hadn´t put the bars. This request has 232 bars http://127.0.0.1//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// OK But if you make a request with 233 bars it shows you the Forbidden messsage. Here is the request with 233 bars. http://127.0.0.1///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// And the result: Forbidden You don't have permission to access ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// on this server. -------------------------------------------------------------------------------- Apache/1.3.22 Server at localhost Port 80 ***** Making this test I also realised that Internet Explorer doesn´t let you put an adress of more than 2047 characters in the URL bar Kerozene 1999-2002 c0oL! kerozene () hackemate com ar www.hackemate.com.ar
Current thread:
- Problems in Apache 1.3.22 Kerozene (Mar 07)
- Re: Problems in Apache 1.3.22 Erik Parker (Mar 07)
- Re: Problems in Apache 1.3.22 Kerberus (Mar 07)
- <Possible follow-ups>
- Re: Problems in Apache 1.3.22 zeno (Mar 08)
- Re: Problems in Apache 1.3.22 Wodahs Latigid (Mar 08)