AppleShare IP 6.x Invalid Range Request Vulnerability
BID:1162
Info
AppleShare IP 6.x Invalid Range Request Vulnerability
| Bugtraq ID: | 1162 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | May 02 2000 12:00AM |
| Updated: | May 02 2000 12:00AM |
| Credit: | Publicized by Apple Computer, Inc. on May 1, 2000. Additional information provided by Deepquest <[email protected]>. |
| Vulnerable: |
Apple AppleShare IP 6.3 Apple AppleShare IP 6.2 Apple AppleShare IP 6.1 |
| Not Vulnerable: | |
Discussion
AppleShare IP 6.x Invalid Range Request Vulnerability
Requesting a URL with a specified range exceeding the physical limit of the file will cause the Web Server in AppleShare IP to return an extra 32 KB of information taken from RAM. The additional data will appear appended to the file requested and may contain sensitive information.
Requesting a URL with a specified range exceeding the physical limit of the file will cause the Web Server in AppleShare IP to return an extra 32 KB of information taken from RAM. The additional data will appear appended to the file requested and may contain sensitive information.
References
AppleShare IP 6.x Invalid Range Request Vulnerability
References:
References:
- AppleShare IP Product Home Page (Apple)
- Software Update for ASIP (Apple)