What HTTP exploit?

Paul G paul at rusko.us
Mon May 31 15:36:54 UTC 2004


----- Original Message ----- 
From: "Vinny Abello" <vinny at tellurian.com>
To: "Mike Nice" <niceman at att.net>
Cc: <nanog at merit.edu>
Sent: Monday, May 31, 2004 11:31 AM
Subject: Re: What HTTP exploit?

-- snip --

> I thought if it can be crashed by
> cramming too much info into a buffer before it's truncated, that's
> considered a buffer overflow. I'm no programmer and may be off base here
> but it just struck me as odd also.

it could also be a heap overflow (unless we are talking fbsd, for example).
regardless, i would be very interested in having a look at that gentleman's
apache setup to see if we can crash it reliably <g>

paul




More information about the NANOG mailing list