[388] in WWW Security List Archive
Re: CIAC Advisory F-11 Report: Unix NCSA httpd Vulnerability
daemon@ATHENA.MIT.EDU (Phillip M. Hallam-Baker)
Wed Feb 15 09:36:32 1995
To: www-security@ns2.rutgers.edu
cc: hallam@dxal18.cern.ch
In-reply-to: Your message of "Wed, 15 Feb 1995 18:07:29 +0200."
<9502150907.AA28085@jaguar.cs.shizuoka.ac.jp>
Date: Wed, 15 Feb 1995 11:53:02 +0900
From: "Phillip M. Hallam-Baker" <hallam@dxal18.cern.ch>
Reply-To: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
>Here, what I want to ask is if there are similar vulnerabilities present in
>CERN httpd. If so, how can we fix them?
There is no shared code between the NCSA and CERN httpd. Although I have not yet
checked the code, I believe that this attack was known when it was written; it is
after all a variation on the fingerd attack of the internet worm.
The parts of the Daemon I have checked are based on buffer append routines. But
there are quite a few of them, so it's possible one has been missed. I will see if
someone can check it out just to be on the safe side.
Phill Hallam-Baker.