tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 38511] New: - wraper.c problem
Date Sat, 04 Feb 2006 17:35:45 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=38511>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=38511

           Summary: wraper.c problem
           Product: Tomcat 4
           Version: Unknown
          Platform: Other
        OS/Version: other
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: qvain@walla.com


Hi all!!

  At first, sorry by my poor english: im brasilian, that´s not my native 
language...
  
  Im having a problem: a guy is taken my server down all the time!!
  
  We use Toncat version in a server at "www.peopleconsulting.com.br". When 
somebody send to the server a request like this: 

"http://www.peopleconsulting.com.br/peopledb/some/inexistent/folder", the 
system replies so:

  "Cannot locate servlet peopledb.some.inexistent.folder"

   where "/peopledb" is mapped to a customized filter servlet.

   But if this guy (we cannot locate he, ´cause he/she uses a obfuscated IP 
address) send us a reques like this: 

"http://www.peopleconsulting.com.br/peopledb/x/x/x/x/x/x/x/x/x/x/x/x/x... very 
much others /x .../x/x/x/x" causes the servere going down with a error message 

in the "wraper.c" file, and the system stops to work... We need to restart the 
server, after that the system starts correctly again...

   We don´t know more what to do!! There´s a fix to this problem? I think 
that´s a "buffer overflow exploit", but im not sure...

   Please reply to me at qvain@walla.com

      Thanks!

        Davidson Saints´axe

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message