RE: TTP/1.0 Remote BufferOverflow?
From: Jim Stickley (jim@garrison.com)Date: 04/26/02
- Previous message: Bill Weiss: "Re: nobody suid shell (kind of relationship with the ld-2.2.4 thread...)"
- Maybe in reply to: Felipe Cerqueira: "TTP/1.0 Remote BufferOverflow?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Jim Stickley <jim@garrison.com> To: "'Felipe Cerqueira'" <fcerqueira@bufferoverflow.com.br>, vuln-dev@security-focus.com Date: Fri, 26 Apr 2002 08:28:17 -0700
Generally when a server returns an error like the one listed below it means
that it didn't buffer overflow. In most cases if you overflow the buffer,
the connection will just drop.
From the looks of the error message below, the server didn't like what you
sent, but it seems to have handled it.
-Jim
-----Original Message-----
From: Felipe Cerqueira [mailto:fcerqueira@bufferoverflow.com.br]
Sent: Thursday, April 25, 2002 8:59 PM
To: vuln-dev@security-focus.com
Subject: TTP/1.0 Remote BufferOverflow?
TTP is a httpd server for HP Print Server
Check this out:
HEAD / HTTP/1.0
HTTP/1.0 200 OK
Server:HTTP/1.0
Content-Type:text/html
.. .
GET A*lot+of+bytes HTTP/1.0
<\n\n>
500 Internal Server Error
<HEAD><TITLE>500 Internal Server Error</TITLE></END>
<BODY><H1>500 Internal Server Error</H1></BODY>Connection closed by
foreign host
someone can verify it?
thankz
- --
sky
7218 2AFF 6166 9692 8BAA
ACA3 64E9 3941 B6E7 88E7
- Previous message: Bill Weiss: "Re: nobody suid shell (kind of relationship with the ld-2.2.4 thread...)"
- Maybe in reply to: Felipe Cerqueira: "TTP/1.0 Remote BufferOverflow?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
