From: tmoran@acm.org
Subject: Re: AdaIC opens the Ada Sites search engine
Date: Fri, 14 Mar 2003 02:30:25 GMT
Date: 2003-03-14T02:30:25+00:00 [thread overview]
Message-ID: <19bca.84036$qi4.49546@rwcrnsc54> (raw)
In-Reply-To: v7058jmhc7d239@corp.supernews.com
> The AdaIC search engine is created with a set of Ada applications, all
> written in Ada 95. For more on the search engine and how to use it, see
> http://www.adaic.com/site/search-info.html.
It's interesting to compare this to the recent:
> *** {03.10.020} Cross - DeleGate robots.txt overflow
>
> DeleGate versions prior to 8.5.0 do not properly handle large robot.txt
> files, thereby allowing a malicious Web site to execute arbitrary
> code on the DeleGate system.
>
> This vulnerability is confirmed and fixed in version 8.5.0.
>
> Source: SecurityFocus Bugtraq
> http://archives.neohapsis.com/archives/bugtraq/2003-03/0160.html
The early indexer didn't handle giant robots.txt files gracefully either.
It just stopped and logged the problem however: no "arbitrary code
execution" since it was written in Ada and no checks were suppressed.
next prev parent reply other threads:[~2003-03-14 2:30 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-03-13 5:21 AdaIC opens the Ada Sites search engine Randy Brukardt
2003-03-13 5:40 ` Randy Brukardt
2003-03-13 20:17 ` Chad R. Meiners
2003-03-14 1:50 ` Randy Brukardt
2003-03-14 2:36 ` tmoran
2003-03-14 2:30 ` tmoran [this message]
2003-03-15 1:47 ` Jeffrey Carter
2003-03-14 5:19 ` Christoph Grein
2003-03-14 10:26 ` Gautier
2003-03-14 19:34 ` Randy Brukardt
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox