[HECnet] Security hole in CSWS
Sampsa Laine
sampsa at mac.com
Tue Sep 22 22:40:12 PDT 2009
Hmm...The rule seems to somehow work for .1:
http://rhesus.sampsa.com/php/php_rules.php.1
http://rhesus.sampsa.com/php/php_rules.php.0
http://rhesus.sampsa.com/php/php_rules.php.-1
As well as -1:
http://rhesus.sampsa.com/php/php_rules.php;-1
And ;0 is covered by the rewrite anyhow:
http://rhesus.sampsa.com/php/php_rules.php;0
Any other separator legal for version numbers? Am I missing anything else?
Sampsa
On 22 Sep 2009, at 22:36, Johnny Billquist wrote:
Sampsa Laine wrote:
Just to clarify, are we now talking about the flaw in CSWS_PHP or just general syntax for VMS filenames? Or both?
Both. Since we're talking about legal filenames in VMS, it means that CSWS_PHP must understand them as well, or else they are just easy ways of getting around your rewrite rules.
Johnny
Sampsa
On 22 Sep 2009, at 22:25, Mark Abene wrote:
For the record, both [] and <> will work on TOPS-20 for directory names.
Brackets [] are naturally preferable because they don't require a shift,
which is much more comfortable when typing quickly.
Johnny Billquist wrote:
Mark Wickens wrote:
Hope you guys don't mind but I mentioned this to the Hoff and he pointed
out that a period '.' can be used validly instead of a ';' as a
separator between the version number and the filename.
Indeed. You can also use <> instead of [] as directory brackets.
All because of confusion within DEC at the time when they tried to
decide on a standard for all DEC OSes.
(Because of this confusion, TOPS-20 changed it's syntax to be <> and .,
but then VMS reverted the decision, but in the end they had to allow
both variants, to keep something like compatibility between VMS and
TOPS-20. RSX also allows the same.)
Johnny
--
Johnny Billquist || "I'm on a bus
|| on a psychedelic trip
email: bqt at softjar.se || Reading murder books
pdp is alive! || tryin' to stay hip" - B. Idol
More information about the Hecnet-list
mailing list