[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: mod_proxy Apache potential issue

On Wed, Jun 23, 2004 at 03:24:13PM +0200, Marc SCHAEFER wrote:

> it seems there is a potential buffer overflow in Apache's mod_proxy.
> Are you aware of it ?

What I believe I heard from our Apache maintainers was that this would only
crash the child servicing the request (which isn't even a DoS, really), and
did not actually permit the execution of code, but the description in CVE is
quite explicit that it is a code execution vulnerability.

Can someone confirm?

 - mdz

Reply to: