Re: [bug] Technical Support Log Crashes Server

This WebDNA talk-list message is from

2004


It keeps the original formatting.
numero = 60590
interpreted = N
texte = On 12/22/04 10:23 AM, Jesse Proudman mashed the following keys : > There is a difference between just not starting, and spewing the > content of memory. If it says "WebDNA Not Running: Disk Full", "WebDNA > Not Running: System Error", "WebDNA Not Running: Look at Server", that > would be more appropriate. Additionally, any WebDNA 5.0 server is > vulnerable to a misinformed search statement being passed through a URL > resulting in the dump of memory. ?? So don't run 5. There are lots of old applications with bugs. There are lots of applications that require a paid update to fix the bugs. (every version of windows pops into mind) > > As I said, this error was my fault, no harm there, however, at this > point I am more concerned about the security implications of memory > being dumped to end users. Yes, but, you're overstating it a bit because the result is random, you __MIGHT__ be able to use a vulnerability like that to get __A__ credit card, and I stress might, but you would be hard pressed to use it as a coordinated attack, and again, if you're running old software, or a full disk, or otherwise running bad sysadmin practices you get what you deserve IMHO. ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: [bug] Technical Support Log Crashes Server ( 2004)
  2. Re: [bug] Technical Support Log Crashes Server ( Jesse Proudman 2004)
  3. Re: [bug] Technical Support Log Crashes Server ( Aaron Lynch 2004)
  4. Re: [bug] Technical Support Log Crashes Server ( Jesse Proudman 2004)
  5. Re: [bug] Technical Support Log Crashes Server ( 2004)
  6. Re: [bug] Technical Support Log Crashes Server ( Jesse Proudman 2004)
  7. Re: [bug] Technical Support Log Crashes Server ( John Peacock 2004)
  8. Re: [bug] Technical Support Log Crashes Server ( Jesse Proudman 2004)
  9. Re: [bug] Technical Support Log Crashes Server ( John Peacock 2004)
  10. [bug] Technical Support Log Crashes Server ( Jesse Proudman 2004)
On 12/22/04 10:23 AM, Jesse Proudman mashed the following keys : > There is a difference between just not starting, and spewing the > content of memory. If it says "WebDNA Not Running: Disk Full", "WebDNA > Not Running: System Error", "WebDNA Not Running: Look at Server", that > would be more appropriate. Additionally, any WebDNA 5.0 server is > vulnerable to a misinformed search statement being passed through a URL > resulting in the dump of memory. ?? So don't run 5. There are lots of old applications with bugs. There are lots of applications that require a paid update to fix the bugs. (every version of windows pops into mind) > > As I said, this error was my fault, no harm there, however, at this > point I am more concerned about the security implications of memory > being dumped to end users. Yes, but, you're overstating it a bit because the result is random, you __MIGHT__ be able to use a vulnerability like that to get __A__ credit card, and I stress might, but you would be hard pressed to use it as a coordinated attack, and again, if you're running old software, or a full disk, or otherwise running bad sysadmin practices you get what you deserve IMHO. ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Aaron Lynch

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

PIXO support (1997) Help! WebCat2 bug (1997) Help formatting search results w/ table (1997) Emailer or [sendmail] questions ... (1998) Converting Quotes in Javascript (2001) Opinion: [input] should be called [output] ... (1997) Need relative path explanation (1997) Who needs Yoda! (2002) Running subtotal? (1998) WebCat editing, SiteGuard & SiteEdit (1997) [WebDNA] Retrieving a PDF from an email (2008) SKU Question (1999) Sorting error (1997) Getting total number of items ordered (1997) ghost dbs!? (2003) problems with WebCat-Plugin () WebDNA implementation of MD5 algorithm? (2003) Using Plug-In while running 1.6.1 (1997) Variables in a Prefernce File (2005) MacOS alias identification? (1998)