Re: [bug] Technical Support Log Crashes Server
This WebDNA talk-list message is from 2004
It keeps the original formatting.
numero = 60590
interpreted = N
texte = On 12/22/04 10:23 AM, Jesse Proudman mashed the following keys :> There is a difference between just not starting, and spewing the> content of memory. If it says "WebDNA Not Running: Disk Full", "WebDNA> Not Running: System Error", "WebDNA Not Running: Look at Server", that> would be more appropriate. Additionally, any WebDNA 5.0 server is> vulnerable to a misinformed search statement being passed through a URL> resulting in the dump of memory.?? So don't run 5.There are lots of old applications with bugs. There are lots ofapplications that require a paid update to fix the bugs.(every version of windows pops into mind)> > As I said, this error was my fault, no harm there, however, at this> point I am more concerned about the security implications of memory> being dumped to end users.Yes, but, you're overstating it a bit because the result is random, you__MIGHT__ be able to use a vulnerability like that to get __A__ credit card,and I stress might, but you would be hard pressed to use it as a coordinatedattack, and again, if you're running old software, or a full disk, orotherwise running bad sysadmin practices you get what you deserve IMHO.-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list
.To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
On 12/22/04 10:23 AM, Jesse Proudman mashed the following keys :> There is a difference between just not starting, and spewing the> content of memory. If it says "WebDNA Not Running: Disk Full", "WebDNA> Not Running: System Error", "WebDNA Not Running: Look at Server", that> would be more appropriate. Additionally, any WebDNA 5.0 server is> vulnerable to a misinformed search statement being passed through a URL> resulting in the dump of memory.?? So don't run 5.There are lots of old applications with bugs. There are lots ofapplications that require a paid update to fix the bugs.(every version of windows pops into mind)> > As I said, this error was my fault, no harm there, however, at this> point I am more concerned about the security implications of memory> being dumped to end users.Yes, but, you're overstating it a bit because the result is random, you__MIGHT__ be able to use a vulnerability like that to get __A__ credit card,and I stress might, but you would be hard pressed to use it as a coordinatedattack, and again, if you're running old software, or a full disk, orotherwise running bad sysadmin practices you get what you deserve IMHO.-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Aaron Lynch
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
[WebDNA] Sublime Text or Textmate (2013)
Banner DNA (1997)
Size issues (2001)
Calendar using WebCatalog? (1997)
Displaying Location (1997)
form crasehes server (1997)
WebCat/Typhoon Status under Windows (1998)
WebCat2b13MacPlugIn - [include] (1997)
Multiple database stuff... (1999)
WC 4? (2001)
RE: strip .0 off off IPaddress (1999)
Showif, Hideif reverse logic ? (1997)
4.0.2b4 (2000)
Fufillment e-mail? (1998)
ShowNext and random sort (1998)
WebCat2b13MacPlugIn - [shownext method=post] ??? (1997)
ugly math date (2002)
HELP WITH DATES (1997)
taxRate is fine but taxTotal isn't (1997)
wrong input values? (1997)