Re: [bug-serveez] Serveez Information Leak Vulnerability

bug-serveez

From:	Raimund 'Raimi' Jacob-Blödorn
Subject:	Re: [bug-serveez] Serveez Information Leak Vulnerability
Date:	Sat, 9 Nov 2019 16:58:02 +0100
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0

On 11/7/19 5:57 PM, Austin James Gadient wrote:

Hello Austin!

Just following up. Have you had a chance to look at this?


Well, I cannot do much with your Mac OS compilation attempts.

I tried to diff your sources against the "next" branch of the serveezgit repository but could not identify any change of yours.

If I understand you correctly, it should be sufficient to makehttp->contentlength an unsigned int (and/or have an arbitrary cap somwhere).

I am really sorry to have so little time to investigate. But if you sendmit a simple diff I'll do my best to apply it.


Greetings,

        Raimund

Current Thread

[Next in Thread]

[bug-serveez] Serveez Information Leak Vulnerability, Austin James Gadient, 2019/11/03
- Re: [bug-serveez] Serveez Information Leak Vulnerability, Raimund 'Raimi' Jacob-Blödorn, 2019/11/04
  - Re: [bug-serveez] Serveez Information Leak Vulnerability, Austin James Gadient, 2019/11/04
    - Re: [bug-serveez] Serveez Information Leak Vulnerability, Austin James Gadient, 2019/11/07
    - Re: [bug-serveez] Serveez Information Leak Vulnerability, Raimund 'Raimi' Jacob-Blödorn <=
    - Re: [bug-serveez] Serveez Information Leak Vulnerability, Austin James Gadient, 2019/11/09
    - Re: [bug-serveez] Serveez Information Leak Vulnerability, Austin James Gadient, 2019/11/16
    - Re: [bug-serveez] Serveez Information Leak Vulnerability, Austin James Gadient, 2019/11/22
    - Re: [bug-serveez] Serveez Information Leak Vulnerability, Raimund 'Raimi' Jacob-Blödorn, 2019/11/23
    - Re: [bug-serveez] Serveez Information Leak Vulnerability, Austin James Gadient, 2019/11/23