You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2004/10/11 21:35:34 UTC
DO NOT REPLY [Bug 31653] New: -
buffer buffer mod_cache.c
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=31653>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=31653
buffer buffer mod_cache.c
Summary: buffer buffer mod_cache.c
Product: Apache httpd-2.0
Version: 2.0.50
Platform: All
OS/Version: Linux
Status: NEW
Severity: Normal
Priority: Other
Component: mod_cache
AssignedTo: bugs@httpd.apache.org
ReportedBy: mmardones@gmail.com
Auditing code of Apache 2.0.50
Observing in some mod of apache, indeed in mod of it breaks that
this in /modulos/cache and whose I modulate calls
mod_file_cache.c i found in 110 lines 109 and a function badly programmed that
allows to
explode I cosay already indicated
char mtimestr[APR_RFC822_DATE_LEN];
char sizestr[21];
These lines indeed are the vulnerable ones since it is not taken
pertinent care to assure the series character that are
assigned on this pile and the security is not taken either stops
that carateres is assigned surely.
These circumstances usually are taken advantage of to mount buffer
overflow attacks
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org