Re: [bug] Technical Support Log Crashes Server

This WebDNA talk-list message is from

2004


It keeps the original formatting.
numero = 60590
interpreted = N
texte = On 12/22/04 10:23 AM, Jesse Proudman mashed the following keys : > There is a difference between just not starting, and spewing the > content of memory. If it says "WebDNA Not Running: Disk Full", "WebDNA > Not Running: System Error", "WebDNA Not Running: Look at Server", that > would be more appropriate. Additionally, any WebDNA 5.0 server is > vulnerable to a misinformed search statement being passed through a URL > resulting in the dump of memory. ?? So don't run 5. There are lots of old applications with bugs. There are lots of applications that require a paid update to fix the bugs. (every version of windows pops into mind) > > As I said, this error was my fault, no harm there, however, at this > point I am more concerned about the security implications of memory > being dumped to end users. Yes, but, you're overstating it a bit because the result is random, you __MIGHT__ be able to use a vulnerability like that to get __A__ credit card, and I stress might, but you would be hard pressed to use it as a coordinated attack, and again, if you're running old software, or a full disk, or otherwise running bad sysadmin practices you get what you deserve IMHO. ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: [bug] Technical Support Log Crashes Server ( 2004)
  2. Re: [bug] Technical Support Log Crashes Server ( Jesse Proudman 2004)
  3. Re: [bug] Technical Support Log Crashes Server ( Aaron Lynch 2004)
  4. Re: [bug] Technical Support Log Crashes Server ( Jesse Proudman 2004)
  5. Re: [bug] Technical Support Log Crashes Server ( 2004)
  6. Re: [bug] Technical Support Log Crashes Server ( Jesse Proudman 2004)
  7. Re: [bug] Technical Support Log Crashes Server ( John Peacock 2004)
  8. Re: [bug] Technical Support Log Crashes Server ( Jesse Proudman 2004)
  9. Re: [bug] Technical Support Log Crashes Server ( John Peacock 2004)
  10. [bug] Technical Support Log Crashes Server ( Jesse Proudman 2004)
On 12/22/04 10:23 AM, Jesse Proudman mashed the following keys : > There is a difference between just not starting, and spewing the > content of memory. If it says "WebDNA Not Running: Disk Full", "WebDNA > Not Running: System Error", "WebDNA Not Running: Look at Server", that > would be more appropriate. Additionally, any WebDNA 5.0 server is > vulnerable to a misinformed search statement being passed through a URL > resulting in the dump of memory. ?? So don't run 5. There are lots of old applications with bugs. There are lots of applications that require a paid update to fix the bugs. (every version of windows pops into mind) > > As I said, this error was my fault, no harm there, however, at this > point I am more concerned about the security implications of memory > being dumped to end users. Yes, but, you're overstating it a bit because the result is random, you __MIGHT__ be able to use a vulnerability like that to get __A__ credit card, and I stress might, but you would be hard pressed to use it as a coordinated attack, and again, if you're running old software, or a full disk, or otherwise running bad sysadmin practices you get what you deserve IMHO. ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Aaron Lynch

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

[WebDNA] Sublime Text or Textmate (2013) Banner DNA (1997) Size issues (2001) Calendar using WebCatalog? (1997) Displaying Location (1997) form crasehes server (1997) WebCat/Typhoon Status under Windows (1998) WebCat2b13MacPlugIn - [include] (1997) Multiple database stuff... (1999) WC 4? (2001) RE: strip .0 off off IPaddress (1999) Showif, Hideif reverse logic ? (1997) 4.0.2b4 (2000) Fufillment e-mail? (1998) ShowNext and random sort (1998) WebCat2b13MacPlugIn - [shownext method=post] ??? (1997) ugly math date (2002) HELP WITH DATES (1997) taxRate is fine but taxTotal isn't (1997) wrong input values? (1997)