Bug#380182: CVE-2006-3747: off-by-one security problem in mod_rewrite

To: submit@bugs.debian.org
Subject: Bug#380182: CVE-2006-3747: off-by-one security problem in mod_rewrite
From: sf@sfritsch.de
Date: Fri, 28 Jul 2006 10:04:04 +0200 (CEST)
Message-id: <[🔎] 46340.88.217.195.82.1154073844.squirrel@tuco.sfritsch.de>
Reply-to: sf@sfritsch.de, 380182@bugs.debian.org

package: apache2
version: 2.0.55-4
severity: grave
tags: security patch

SECURITY: CVE-2006-3747
mod_rewrite: Fix an off-by-one security problem in the ldap scheme
handling.  For some RewriteRules this could lead to a pointer being
written out of bounds.  Reported by Mark Dowd of McAfee.

patch is at
http://svn.apache.org/viewvc/httpd/httpd/tags/2.0.59/modules/mappers/mod_rewrite.c?view=log

Reply to:

Prev by Date: Bug#380134: Apache2 pam misconfiguration?
Next by Date: Bug#334824: logrotate: Postrotate documentation - Why restart?
Previous by thread: Bug#380134: Apache2 pam misconfiguration?
Next by thread: Bug#334824: logrotate: Postrotate documentation - Why restart?
Index(es):
- Date
- Thread