[6710] in bugtraq
Re: NSCA HTTPD (for Windows) bug.
daemon@ATHENA.MIT.EDU (Niall Smart)
Fri May 8 15:47:38 1998
Date: Fri, 8 May 1998 18:14:35 +0100
Reply-To: Niall Smart <njs3@DOC.IC.AC.UK>
From: Niall Smart <njs3@DOC.IC.AC.UK>
X-To: Renos <renosm@YAHOO.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Renos <renosm@YAHOO.COM> "NSCA HTTPD (for Windows) bug." (May 8,
1:33am)
On May 8, 1:33am, Renos wrote:
} Subject: NSCA HTTPD (for Windows) bug.
> Since the server is not for commercial use the bug doesn't seem to be
> serious. A fix would be to re-define MAX_STRING_LEN to a much bigger
> number. As far as I know the Server Administrator cannot re-define
> MAX_STRING_LEN.
Increasing MAX_STRING_LEN is *not* a fix; it is necessary to add
bounds checking code to the parser to ensure that the buffer cannot
be overflowed.
Niall
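
The point of the reply above, as an added example that is not part of the original post and not the server's own code: a bounds-checked copy rejects an over-long line at any buffer size, whereas a bigger MAX_STRING_LEN only raises the length the sender has to exceed. The value 256, the helper names and the sample inputs are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_STRING_LEN 256   /* constructed value; the post does not give the real one */

/* Hypothetical helper: copy one line (up to '\n' or end of input) from
 * src[0..src_len) into dst[0..dst_cap). Returns the number of bytes stored
 * (excluding the NUL), or -1 if the line does not fit. */
static long copy_line_bounded(char *dst, size_t dst_cap,
                              const char *src, size_t src_len)
{
    size_t i;

    if (dst == NULL || src == NULL || dst_cap == 0)
        return -1;

    for (i = 0; i < src_len && src[i] != '\n'; i++) {
        /* Keep one byte for the terminator and refuse rather than write
         * past the end. The sender chooses src_len, so no choice of
         * dst_cap can stand in for this check. */
        if (i + 1 >= dst_cap) {
            dst[0] = '\0';
            return -1;
        }
        dst[i] = src[i];
    }
    dst[i] = '\0';
    return (long)i;
}

/* Returns 1 if a line of line_len bytes is accepted into a buffer of cap bytes. */
static int accepts(size_t cap, size_t line_len)
{
    char buf[4096], line[8192];

    if (cap > sizeof buf || line_len > sizeof line)
        return 0;
    memset(line, 'A', line_len);          /* constructed over-long input */
    return copy_line_bounded(buf, cap, line, line_len) >= 0;
}

int main(void)
{
    printf("fits in MAX_STRING_LEN:       %d\n", accepts(MAX_STRING_LEN, MAX_STRING_LEN - 1));
    printf("one byte too long:            %d\n", accepts(MAX_STRING_LEN, MAX_STRING_LEN));
    printf("bigger buffer, longer line:   %d\n", accepts(4096, 4096));
    return 0;
}
```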