[framework] bug in shttpd_post exploit
M P Sairam
msairam at intoto.com
Fri Mar 28 02:07:13 CDT 2008
Hi,
There is a bug in shttpd_post script. In http request that is sent,
the request method is in lowercase (post) but it should be in upper
case. Even though the HTTP server accepts lower case request methods but
according to rfc 3875, http request methods are case sensitive.
--Sairam
********************************************************************************
This email message (including any attachments) is for the sole use of the intended recipient(s)
and may contain confidential, proprietary and privileged information. Any unauthorized review,
use, disclosure or distribution is prohibited. If you are not the intended recipient,
please immediately notify the sender by reply email and destroy all copies of the original message.
Thank you.
Intoto Inc.
More information about the Framework
mailing list