[995] in bugtraq

home help back first fref pref prev next nref lref last post

Re: Fixing the NCSA HTTPD 1.3

daemon@ATHENA.MIT.EDU (Dan Thorson)
Tue Feb 14 18:52:08 1995

To: Thomas Lopatic <lopatic@dbs.informatik.uni-muenchen.de>
Cc: bugtraq <bugtraq@fc.net>
From: Dan Thorson  <Dan_Thorson@notes.seagate.com>
Date: 14 Feb 95 14:23:54 EDT

I haven't checked everything yet, but...

Did you see the CIAC bulletin?  They only recommened the setting of 
MAX_STRING_LEN and HUGE_STRING_LEN to be equal.

Hmmm.  Perhaps they didn't see the sprintf's in log_transaction() [for example, 
in http_log.c])?

I've called CIAC & let them know.  Your fix may be more complete, but time will 
tell if it's enough.


home help back first fref pref prev next nref lref last post