Received: by taz.hyperreal.com (8.8.3/V2.0) id KAA20299; Sat, 11 Jan 1997 10:18:44 -0800 (PST)
Received: from staff1.texas.net by taz.hyperreal.com (8.8.3/V2.0) with ESMTP id KAA20295; Sat, 11 Jan 1997 10:18:40 -0800 (PST)
Received: from localhost (mikedoug@localhost) by staff1.texas.net (8.8.3/8.7.5) with SMTP id MAA12145 for ; Sat, 11 Jan 1997 12:18:08 -0600 (CST)
X-Authentication-Warning: staff1.texas.net: mikedoug owned process doing -bs
Date: Sat, 11 Jan 1997 12:18:08 -0600 (CST)
From: Michael Douglass
To: new-httpd@hyperreal.com
Subject: extra long URL attack (fwd)
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: new-httpd-owner@apache.org
Precedence: bulk
Reply-To: new-httpd@hyperreal.com

I tested this on 1.1.1 and it does, in fact, work. The only question is
what else (besides getting an index of /) can this be used for. I checked
to make sure you weren't already discussing this and only found the talk
about the mod_cookie.c bug; unless I missed this one somewhere. (Just
making sure y'all don't miss one)

Michael Douglass
Texas Networking, Inc.

"The past is a foreign country; they do things differently there."
L. P. Hartley, British author. The Go-Between, Prologue (1953).

---------- Forwarded message ----------
Date: Fri, 10 Jan 1997 22:43:10 -0800
From: strick -- henry strickland
To: Multiple recipients of list BUGTRAQ
Subject: extra long URL attack

I don't know about CGI attacks, but this extra long URL to my site
running Server version Stronghold/1.3 Ben-SSL/1.3 Apache/1.1.1. will
show you the raw contents of the top directory rather than the
/index.html file (using Netscape Navigator 3.0 solaris for a browser).

I've always wondered how safe it was to count on nobody seeing past your
index.html -- now I know.

I wonder if some variant will get you the root directory of my entire
filesystem instead of just the top directory of my web. I knew I should
have chrooted this stuff....

szia,
strick

begin 644 xyz.html.gz
M'XL("(BYH=&UL`.W:00J#,!2$X7U.D1.\MR_6NZ3V21Z&6&R@
M>'M=B!0\0