At 7:19 PM -0200 10/10/01, secure@conectiva.com.br wrote: >A malicious user could point to a file like /dev/zero and let > the server run in an endless loop, trying to read config > parameters from there. Whoa there. I haven't looked at the RPMs you're distributing, but the htsearch CGI will timeout after a given interval (by default 5 minutes) via the alarm() call. Yes, the /dev/zero URL could be used for a Denial of Service attack in this fashion. Yes, it's a bug and a reason to upgrade. No, this is not an "endless" loop, unless you've removed that alarm() call. To quote from my previous message: At 3:46 PM -0500 10/7/01, Geoff Hutchison wrote: >remote user can force the CGI to stall until it times out Cheers, -- -- -Geoff Hutchison Williams Students Online http://wso.williams.edu/
