| Originally published: Wednesday, 10 November 1999 | Author: Quentin Cregan |
| Published to: news_enhance_security/Security News | Page: 1/1 [Printable] |
thttpd bug"Today I glanced at the thttpd 2.04 source code, wondering how seriously thttpd parsed HTTP If-Modified-Since fields. I was horrified to see that tdate_parse() scans %[a-zA-Z] into a fixed-size stack buffer." The original post to VULN-DEV is herearchive.org, and the follow up containing a URL for the latest version and patch is herearchive.org.
|
|
| Page 1 of 1 | |
|
(this article had no body text) | |