Received: (qmail 10308 invoked by uid 2012); 22 Dec 1998 10:05:51 -0000 Message-Id: <19981222100551.10307.qmail@hyperreal.org> Date: 22 Dec 1998 10:05:51 -0000 From: Benjamin Maus Reply-To: maus@myworld.at To: apbugs@hyperreal.org Subject: Down the Server via Batch file. X-Send-Pr-Version: 3.2 >Number: 3574 >Category: os-windows >Synopsis: Down the Server via Batch file. >Confidential: no >Severity: critical >Priority: medium >Responsible: apache >State: closed >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Tue Dec 22 02:10:00 PST 1998 >Closed-Date: Mon Oct 16 22:20:43 PDT 2000 >Last-Modified: Mon Oct 16 22:20:43 PDT 2000 >Originator: maus@myworld.at >Release: 1.3.2 @ Win 32 >Organization: >Environment: Windows 95 Pentium 200MMX and Windows NT >Description: Whn you put a .bat file with the following content (+LineFeed) in a CGI-Executable directory an acces it via TELNET on Port 80 than the SERVER will go down: hello.bat: echo HelloDown TELNET command:GET /cgi-bin/hello.bat >How-To-Repeat: >Fix: >Release-Note: >Audit-Trail: State-Changed-From-To: open-closed State-Changed-By: wrowe State-Changed-When: Mon Oct 16 22:20:43 PDT 2000 State-Changed-Why: As scary as this sounds... it was a bug resulting from bad script header parsing. It has been gone a while. >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ] [If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request ] [from a developer. ] [Reply only with text; DO NOT SEND ATTACHMENTS! ]