Lc.DB — the Linux.com Article Museum
Home:: Authors:: Categories:: Staff:: All Articles Powered by GNU/Linux
Originally published: Wednesday, 10 November 1999 Author: Quentin Cregan
Published to: news_enhance_security/Security News Page: 1/1   [Standard view]

thttpd bug

"Today I glanced at the thttpd 2.04 source code, wondering how seriously thttpd parsed HTTP If-Modified-Since fields. I was horrified to see that tdate_parse() scans %[a-zA-Z] into a fixed-size stack buffer." The original post to VULN-DEV is herearchive.org, and the follow up containing a URL for the latest version and patch is herearchive.org.

(this article had no body text)

Originally published on Linux.com. Released under the Open Content License unless otherwise stated. Notify Gareth Watts of any errors or copyright violations.