On Mon, 2005-08-22 at 14:28, Willi Mann wrote:
> forwarded 323919 [EMAIL PROTECTED]
> tag 323919 + upstream
> thanks
>
> Taco IJsselmuiden <[EMAIL PROTECTED]> reports:
>
> > the script 'http' uses '/../../../' as an exploit-pattern.
> > This causes things like '/dat/cjf/00/20/38/13.js' to match (which aren't
> > exploits).
> >
> > attached patch changes this to '/\.\./\.\./\.\./' which fixes this
> > problem.
>
> Should the 3 lines below also get fixed? An (avoidable) false positive seems
> unlikely, but still possible.

Committed to CVS [took Willi's advice and fixed the other .. regex's]

-- 
Mike Tremaine
[EMAIL PROTECTED]
http://www.stellarcore.net
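
The false positive reported in this thread, reproduced as an added example (not part of the thread or of the script's own code; written in Python, where an unescaped `.` in a regex means "any character" just as it does in the patterns quoted above). Apart from the path quoted in the report, the sample paths are constructed.

```python
import re

# Pattern as described in the report: the dots are unescaped, so each '.'
# matches ANY character and the pattern really means
# "slash, two chars, slash, two chars, slash, two chars, slash".
LOOSE = re.compile(r'/../../../')

# Pattern from the attached patch: only literal '..' segments match.
STRICT = re.compile(r'/\.\./\.\./\.\./')

# Request paths to classify. The first is quoted in the report;
# the rest are constructed for this example.
SAMPLE_PATHS = [
    '/dat/cjf/00/20/38/13.js',        # benign, from the report
    '/img/ab/cd/ef/logo.png',         # benign, three 2-char directories
    '/scripts/../../../etc/passwd',   # real three-level traversal
    '/index.html',                    # benign, no short segments
    '/a/../../b',                     # only two levels: below the threshold
]


def classify(paths):
    """Return (path, loose_hit, strict_hit) for every path."""
    return [(p, bool(LOOSE.search(p)), bool(STRICT.search(p))) for p in paths]


def false_positives(paths):
    """Paths flagged by the unescaped pattern but not by the escaped one."""
    return [p for p, loose, strict in classify(paths) if loose and not strict]


def missed_by_strict(paths):
    """Sanity check: a literal '/../../../' always satisfies LOOSE too, so
    escaping the dots can only remove hits, never add new ones."""
    return [p for p, loose, strict in classify(paths) if strict and not loose]


if __name__ == '__main__':
    for path, loose, strict in classify(SAMPLE_PATHS):
        print(f'{path:32} loose={loose!s:5} strict={strict}')
    print('false positives:', false_positives(SAMPLE_PATHS))
```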