tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 38511] New: - wraper.c problem
Date Sat, 04 Feb 2006 17:35:45 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=38511>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=38511

           Summary: wraper.c problem
           Product: Tomcat 4
           Version: Unknown
          Platform: Other
        OS/Version: other
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: qvain@walla.com


Hi all!!

  At first, sorry by my poor english: im brasilian, thatīs not my native 
language...
  
  Im having a problem: a guy is taken my server down all the time!!
  
  We use Toncat version in a server at "www.peopleconsulting.com.br". When 
somebody send to the server a request like this: 

"http://www.peopleconsulting.com.br/peopledb/some/inexistent/folder", the 
system replies so:

  "Cannot locate servlet peopledb.some.inexistent.folder"

   where "/peopledb" is mapped to a customized filter servlet.

   But if this guy (we cannot locate he, īcause he/she uses a obfuscated IP 
address) send us a reques like this: 

"http://www.peopleconsulting.com.br/peopledb/x/x/x/x/x/x/x/x/x/x/x/x/x... very 
much others /x .../x/x/x/x" causes the servere going down with a error message 

in the "wraper.c" file, and the system stops to work... We need to restart the 
server, after that the system starts correctly again...

   We donīt know more what to do!! Thereīs a fix to this problem? I think 
thatīs a "buffer overflow exploit", but im not sure...

   Please reply to me at qvain@walla.com

      Thanks!

        Davidson Saintsīaxe

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message