You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2004/10/11 21:35:34 UTC

DO NOT REPLY [Bug 31653] New: - buffer buffer mod_cache.c

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=31653>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=31653

buffer buffer mod_cache.c

           Summary: buffer buffer mod_cache.c
           Product: Apache httpd-2.0
           Version: 2.0.50
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: mod_cache
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: mmardones@gmail.com


Auditing code of Apache 2.0.50


Observing in some mod of apache, indeed in mod of it breaks that
this in /modulos/cache and whose I modulate calls
mod_file_cache.c i found in 110 lines 109 and a function badly programmed that
allows to
explode I cosay already indicated


char mtimestr[APR_RFC822_DATE_LEN];
char sizestr[21];

These lines indeed are the vulnerable ones since it is not taken
pertinent care to assure the series character that are
assigned on this pile and the security is not taken either stops
that carateres is assigned surely.
These circumstances usually are taken advantage of to mount buffer
overflow attacks

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org