I made up my own buffer contents to try to trigger an overflow just to see if it would crash. With http 1.0, I got
20020728 124423 Web Error Problem in ThreadProc - Socket 372 on port 8383 from 127.0.0.1. With http 1.1, I get no log entry at all. It may have been the order I ran them in, but both cases "Web error problem in ThreadProc" and lack of a log entry are suspicious. Try using an entire exploit buffer of 0x90, surrounded by the GET ....HTTP 1.0 protocol. Thanks for clarifying some of this on a weekend! > Hmmmm... We were not able to duplicate the buffer overflow. > The information reported in the message is not valid nor > is the exploit. By the way, it says it works ok in .9 > and 1.1 (or something like that, I don't have the message > now). This makes this incorrect as they all travel through > the exact same logic. Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Please visit the Knowledge Base for answers to frequently asked questions: http://www.ipswitch.com/support/IMail/
