[Nitro] [PATCH] Fix an exploitable bug in CGI multipart parsing
Jonathan Buch
john at oxyliquit.de
Wed Oct 25 09:42:48 EDT 2006
On Wed, 25 Oct 2006 10:41:44 +0200, Michael Fellinger <manveru at weez-int.com> wrote:
> patch attached, it's still warm :)
> please apply ASAP (also you guys who use 0.31, please patch)
>
> This fully closes a previously-reported but partially-fixed vulnerability:
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0983
> http://www.securityfocus.com/bid/11618/info
>
> thanks to zedas who informed us :)
>
> ^ manveru
>
Ah, very nice, thanks manv, zedas.
Good that I run on fcgi ;)
Jo
--
Feel the love
http://pinkjuice.com/pics/ruby.png
More information about the Nitro-general
mailing list