[25144] in bugtraq
RE: segfault in ntop
daemon@ATHENA.MIT.EDU (Craig Humphrey)
Thu Apr 18 19:52:35 2002
Message-ID: <3D6694DB1788D311BA3E00508B5DFFE7036F90D1@aklmessage01>
From: Craig Humphrey <Craig.Humphrey@ChapmanTripp.com>
To: "'JP'" <px@negative.zeroday.net>, bugtraq@securityfocus.com
Cc: "'ntop@unipi.it'" <ntop@unipi.it>
Date: Thu, 18 Apr 2002 13:39:35 +1200
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
I think this was fixed recently as it doesn't happen in my v.2.0.99 build
(from a recent cvs).
> -----Original Message-----
> From: JP [mailto:px@negative.zeroday.net]
> Sent: Thursday, 18 April 2002 5:13 AM
> To: bugtraq@securityfocus.com
> Subject: segfault in ntop
>
>
> I'm sorry if this has already been discussed on here before,
> but I went
> through the thread and saw nothing on it.
>
> I was able to remotley segfault ntop v.2.0.0 using Netscape
> 6.1 by simply
> specifying a command in the url location bar. For example:
>
> http://ntop.site.com:port/`ls`
>
> That above command will cause ntop to segfault and core dump.
> I tried a
> few different commands, ls and su segfaulted ntop, whereas
> everything else
> I tried gave a 403 error, but ntop stayed online.
>
> Here's information about my ntop platform:
>
> Mandrake Linux v8.1 kernel 2.4.8-26mdk
> ntop v.2.0.0 MT [i686-pc-linux-gnu] (01/24/02 03:04:18 PM build)
>
> I was able to segfault ntop from the following platforms:
>
> Mandrake Linux v8.1 kernel 2.4.8-26mdk with Netscape v6.1
> (Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.2)
> Gecko/20010726 Netscape6/6.1)
>
> Mandrake Linux v8.1 kernel 2.4.8-26mdk with Opera 5.0 for
> Linux - 20010510 Build 024 -[5]
>
> Windows 2000 Server 5.00.2195 SP2 with Netscape v6.2.2
> (Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.4.1)
> Gecko/20020314 Netscape6/6.2.2)
>
> I was unable to duplicate this segfault with the following browsers:
>
> Internet Explorer v6.0.2600.0000
> Konqueror v2.2.1
>
> I did not test any other platforms or browsers than the ones
> listed here.
> I have notified ntop and haven't received a response yet.
>
> Thanks,
>
> jason
>
