httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andy Finkenstadt" <>
Subject RE: Showstoppers
Date Wed, 06 May 1998 17:37:18 GMT
It gets even worse!  Any filename COMPONENT in the entire path triggers this
problem.  E.g.:

  GET /con/aux/index.html HTTP/1.0

Sigh.  The device header chain is going to have to be followed to build the
list of special filenames / devices at runtime, since EMMXXXX0 is also
reserved whenever EMM386 (extended memory manager) is loaded or emulated in
both 95 and NT.  Might make for an interesting DOS attack against IIS or
WebSite or other Windows-based servers.


-----Original Message-----
From: [] On
Behalf Of Martin Kraemer
Sent:	Wednesday, May 06, 1998 10:17 AM
Subject:	Re: Showstoppers

On Wed, May 06, 1998 at 11:28:18AM +1000, Tim Hudson wrote:
>     It is actually more detailed than that in that the filename extension
> is *ignored* in this processing. The challenge for the day is to create a
> file called "aux.c" under anything with the DOS kernel sitting underneath
> it. Don't forget this little 'gem' in checking things ... in that the
> extension should be stripped off or ignored during this check.

Oops!!!! Thanks, Tim, I was unaware of this additional "challenge".

| S I E M E N S |  <>  |      Siemens Nixdorf
| ------------- |   Voice: +49-89-636-46021     |  Informationssysteme AG
| N I X D O R F |   FAX:   +49-89-636-44994     |   81730 Munich, Germany
~~~~~~~~~~~~~~~~My opinions only, of course; pgp key available on request

View raw message