summaryrefslogtreecommitdiffstats
path: root/debian/perl-framework/t/htdocs/security
diff options
context:
space:
mode:
Diffstat (limited to 'debian/perl-framework/t/htdocs/security')
-rw-r--r--debian/perl-framework/t/htdocs/security/CAN-2003-0542/.htaccess3
-rw-r--r--debian/perl-framework/t/htdocs/security/CAN-2004-0747/.htaccess2
-rw-r--r--debian/perl-framework/t/htdocs/security/CAN-2004-0747/index.html1
-rw-r--r--debian/perl-framework/t/htdocs/security/CAN-2004-0811/.htaccess3
-rw-r--r--debian/perl-framework/t/htdocs/security/CAN-2004-0811/index.html1
-rw-r--r--debian/perl-framework/t/htdocs/security/CAN-2004-0811/sub/index.html1
-rw-r--r--debian/perl-framework/t/htdocs/security/CAN-2004-0940.shtml1
-rw-r--r--debian/perl-framework/t/htdocs/security/CAN-2004-0958.php1
-rw-r--r--debian/perl-framework/t/htdocs/security/CAN-2004-0959.php7
-rw-r--r--debian/perl-framework/t/htdocs/security/CAN-2005-2491/one/.htaccess1
-rw-r--r--debian/perl-framework/t/htdocs/security/CAN-2005-2491/two/.htaccess1
-rw-r--r--debian/perl-framework/t/htdocs/security/CVE-2005-3352.map1
12 files changed, 23 insertions, 0 deletions
diff --git a/debian/perl-framework/t/htdocs/security/CAN-2003-0542/.htaccess b/debian/perl-framework/t/htdocs/security/CAN-2003-0542/.htaccess
new file mode 100644
index 0000000..35a74ec
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/security/CAN-2003-0542/.htaccess
@@ -0,0 +1,3 @@
+RewriteEngine On
+RewriteRule ((((((((((((((((((((((.*)))))))))))))))))))))) -
+
diff --git a/debian/perl-framework/t/htdocs/security/CAN-2004-0747/.htaccess b/debian/perl-framework/t/htdocs/security/CAN-2004-0747/.htaccess
new file mode 100644
index 0000000..34092fa
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/security/CAN-2004-0747/.htaccess
@@ -0,0 +1,2 @@
+# trigger the ap_resolve_env overflow
+AuthName ${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}${PATH}
diff --git a/debian/perl-framework/t/htdocs/security/CAN-2004-0747/index.html b/debian/perl-framework/t/htdocs/security/CAN-2004-0747/index.html
new file mode 100644
index 0000000..3b452c3
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/security/CAN-2004-0747/index.html
@@ -0,0 +1 @@
+ap_resolve_env is good
diff --git a/debian/perl-framework/t/htdocs/security/CAN-2004-0811/.htaccess b/debian/perl-framework/t/htdocs/security/CAN-2004-0811/.htaccess
new file mode 100644
index 0000000..59d9ffb
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/security/CAN-2004-0811/.htaccess
@@ -0,0 +1,3 @@
+AuthType Basic
+AuthName authany
+require valid-user
diff --git a/debian/perl-framework/t/htdocs/security/CAN-2004-0811/index.html b/debian/perl-framework/t/htdocs/security/CAN-2004-0811/index.html
new file mode 100644
index 0000000..c6cac69
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/security/CAN-2004-0811/index.html
@@ -0,0 +1 @@
+empty
diff --git a/debian/perl-framework/t/htdocs/security/CAN-2004-0811/sub/index.html b/debian/perl-framework/t/htdocs/security/CAN-2004-0811/sub/index.html
new file mode 100644
index 0000000..c6cac69
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/security/CAN-2004-0811/sub/index.html
@@ -0,0 +1 @@
+empty
diff --git a/debian/perl-framework/t/htdocs/security/CAN-2004-0940.shtml b/debian/perl-framework/t/htdocs/security/CAN-2004-0940.shtml
new file mode 100644
index 0000000..a06b7bd
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/security/CAN-2004-0940.shtml
@@ -0,0 +1 @@
+<!--#echo var="ababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababababab\aWAVEGOODBYETOYOURSTACKSCRIBBLESCRIBBLESCRIBBLE"-->
diff --git a/debian/perl-framework/t/htdocs/security/CAN-2004-0958.php b/debian/perl-framework/t/htdocs/security/CAN-2004-0958.php
new file mode 100644
index 0000000..b328c31
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/security/CAN-2004-0958.php
@@ -0,0 +1 @@
+<?php print_r($_REQUEST); ?>
diff --git a/debian/perl-framework/t/htdocs/security/CAN-2004-0959.php b/debian/perl-framework/t/htdocs/security/CAN-2004-0959.php
new file mode 100644
index 0000000..0f36526
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/security/CAN-2004-0959.php
@@ -0,0 +1,7 @@
+<?php
+ if (is_uploaded_file($_FILES['user_file']['tmp_name'])) {
+ print $_FILES['user_file']['name'];
+ } else {
+ print "FAILED";
+ }
+?> \ No newline at end of file
diff --git a/debian/perl-framework/t/htdocs/security/CAN-2005-2491/one/.htaccess b/debian/perl-framework/t/htdocs/security/CAN-2005-2491/one/.htaccess
new file mode 100644
index 0000000..608feba
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/security/CAN-2005-2491/one/.htaccess
@@ -0,0 +1 @@
+RewriteRule a{111111111111111111} /index.html
diff --git a/debian/perl-framework/t/htdocs/security/CAN-2005-2491/two/.htaccess b/debian/perl-framework/t/htdocs/security/CAN-2005-2491/two/.htaccess
new file mode 100644
index 0000000..67c62ab
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/security/CAN-2005-2491/two/.htaccess
@@ -0,0 +1 @@
+RewriteRule a{1,11111111111111111111} /index.html
diff --git a/debian/perl-framework/t/htdocs/security/CVE-2005-3352.map b/debian/perl-framework/t/htdocs/security/CVE-2005-3352.map
new file mode 100644
index 0000000..e867af4
--- /dev/null
+++ b/debian/perl-framework/t/htdocs/security/CVE-2005-3352.map
@@ -0,0 +1 @@
+default referer "Go Back"
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-07 07:26:42 +0000