httpd-dev mailing list archives

From "Dirk.vanGulik" <Dirk.vanGu...@jrc.it>
Subject Re: [linux-security] Security Hole. Appache. (fwd)
Date Thu, 04 Sep 1997 09:15:12 GMT
Flush, blush ; I knew this; there is even some old patch for pre 1 ?
which gave a protocol error :-( It came in after the limit extension.

Dw.


> Sorry! Unknown (for me) behaviour of Apache was discovered. Suddenly.
> 
> Configuration detail:
> Linux:  2.0.30
> Apache: 1.x.x
> 
> srm.conf:
>         ...
>         Action text/html /cgi-bin/exefile
>         ...
> 
> /www-root/sec-dir/.htaccess:
>         AuthType        Basic
>         AuthName        authname
>         AuthUserFile /itc/passwd
>         <LIMIT GET POST>
>         require valid-user
>         </LIMIT>
> 
> 
> 
> 
> 
> Trying to "GET" and "get" some file from /www-root/sec-dir/ ...
> ----------------------------------------
> Example #1:
> 
> $telnet www.host 80
> GET /sec-dir/index.html http/1.1
> 
> HTTP/1.1 401 Authorization Required
> ..............
> 
>         It's OK!
> -----------------------------------------
> Example #2:
> 
> $telnet www.host 80
> get /sec-dir/index.html http/1.1
> 
> HTTP/1.1 200 OK
> ...........
> 
>         It's quite OK for a browser which doesn't know lower case "get".
> -----------------------------------------
> 
> This feature disappears if you comment 'Action' or '<LIMIT>' lines.
> 
>         Sorry again! Kir.
> 
> 
> 
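
The configuration in the report wraps `require valid-user` in `<LIMIT GET POST>`, so the requirement binds only those exact method tokens and a request sent as `get` falls outside it. The following is an added example, not part of the original thread or of Apache: a small `.htaccess` auditor (the function names `scoped_directives`, `audit` and `auth_applies` are hypothetical) that flags access directives scoped this way, using a simplified model of method matching, alongside the same file with the `<LIMIT>` wrapper removed.

```python
import re

LIMIT_OPEN = re.compile(r"^<\s*limit\s+([^>]*)>", re.I)
LIMIT_CLOSE = re.compile(r"^</\s*limit\s*>", re.I)
ACCESS = re.compile(r"^(require|allow|deny|order)\b", re.I)

# The .htaccess from the report, and the same file with the wrapper removed.
REPORTED = """\
AuthType        Basic
AuthName        authname
AuthUserFile /itc/passwd
<LIMIT GET POST>
require valid-user
</LIMIT>
"""
HARDENED = """\
AuthType        Basic
AuthName        authname
AuthUserFile /itc/passwd
require valid-user
"""

def scoped_directives(text):
    """Yield (lineno, directive, methods); methods is None outside <Limit>."""
    methods = None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        opened = LIMIT_OPEN.match(line)
        if opened:
            methods = opened.group(1).split()
        elif LIMIT_CLOSE.match(line):
            methods = None
        elif ACCESS.match(line):
            yield lineno, line, methods

def audit(text):
    """Findings: access directives that only apply to an explicit method list."""
    return [d for d in scoped_directives(text) if d[2] is not None]

def auth_applies(text, method):
    """Simplified model (assumption): tokens compare exactly, so "get" != "GET"."""
    return any(d.lower().startswith("require") and (m is None or method in m)
               for _, d, m in scoped_directives(text))

if __name__ == "__main__":
    for lineno, directive, methods in audit(REPORTED):
        print(f"line {lineno}: '{directive}' only covers {methods}")
```

Run over a document tree, any finding from `audit` marks a directory whose protection depends on the method list being complete.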

