httpd-bugs mailing list archives

Subject DO NOT REPLY [Bug 49416] New: Access log bypass and missing HTTP headers
Date Wed, 09 Jun 2010 15:22:21 GMT

           Summary: Access log bypass and missing HTTP headers
           Product: Apache httpd-2
           Version: 2.2.12
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: major
          Priority: P2
         Component: Core

Created an attachment (id=25569)
Example for null character in URL and missing response headers

When sending the ASCII control character null (hexadecimal 00) in a URI, Apache
does return an HTTP entity (the HTML code), but no HTTP headers. Additionally,
the URI is truncated (the null and everything after it is missing).

If you have a local Apache running, try this Python script (you need to have an
index.html or index.php in your root directory):

import urllib2
print 'Valid request:'
print urllib2.urlopen('http://localhost/?abc=123&def=456_VALID').read()
print ''
print 'Invalid request:'

The apache access.log will look like this:

::1 - - [09/Jun/2010:16:44:41 +0200] "GET /?abc=123&def=456_VALID HTTP/1.1" 200 321 "-" "Python-urllib/2.6"
::1 - - [09/Jun/2010:16:44:41 +0200] "GET /?abc=123" 200 94 "-" "-"

As you can see in the appended Wireshark capture (libpcap), the headers for the
second response are missing!

It works on remote (not localhost) Apache servers as well.


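A log-review check built on the two access.log entries quoted in the report, added here as an example and not part of the original bug report: it parses combined-format lines and flags entries whose request line carries no protocol version and whose User-Agent is "-", which is how the truncated request appears above. The function names and the choice of findings are assumptions of this example.

```python
import re

# Apache "combined" format: host ident user [time] "request" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>(?:[^"\\]|\\.)*)" (?P<status>\d{3}) (?P<size>\d+|-) '
    r'"(?P<referer>(?:[^"\\]|\\.)*)" "(?P<agent>(?:[^"\\]|\\.)*)"$'
)
PROTO_RE = re.compile(r'^HTTP/\d+\.\d+$')

# The two entries shown in the report above (the first one re-joined onto one line).
SAMPLE_LOG = [
    '::1 - - [09/Jun/2010:16:44:41 +0200] "GET /?abc=123&def=456_VALID HTTP/1.1" '
    '200 321 "-" "Python-urllib/2.6"',
    '::1 - - [09/Jun/2010:16:44:41 +0200] "GET /?abc=123" 200 94 "-" "-"',
]

def inspect(line):
    """Return the findings for one access-log line (empty list: nothing odd)."""
    m = LOG_RE.match(line.strip())
    if not m:
        return ["unparseable line"]
    findings = []
    parts = m.group("request").split(" ")
    # A normal request line is "METHOD target HTTP/x.y"; the entry in the
    # report stops after the target.
    if len(parts) != 3 or not PROTO_RE.match(parts[2]):
        findings.append("request line has no protocol version")
    # No request headers were logged for the truncated request either.
    if m.group("agent") == "-":
        findings.append("no User-Agent header logged")
    return findings

def scan(lines):
    """Return (line number, request, findings) for every flagged entry."""
    flagged = []
    for number, line in enumerate(lines, start=1):
        findings = inspect(line)
        if findings:
            m = LOG_RE.match(line.strip())
            request = m.group("request") if m else line.strip()
            flagged.append((number, request, findings))
    return flagged

if __name__ == "__main__":
    for number, request, findings in scan(SAMPLE_LOG):
        print("line %d: %r -> %s" % (number, request, "; ".join(findings)))
```

Because the logged URI stops at the null, a flagged entry shows only that a truncated request was served, not what followed the null in the original URI.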