Bug#380231: [CVE-2006-3747] Off-by-one flaw exists in the Rewrite module, mod_rewrite

To: Daniel Leidert <daniel.leidert.spam@gmx.net>, 380231@bugs.debian.org
Subject: Bug#380231: [CVE-2006-3747] Off-by-one flaw exists in the Rewrite module, mod_rewrite
From: Steve Kemp <skx@debian.org>
Date: Fri, 28 Jul 2006 16:52:13 +0100
Message-id: <[🔎] 20060728155213.GA10064@steve.org.uk>
Reply-to: Steve Kemp <skx@debian.org>, 380231@bugs.debian.org
In-reply-to: <[🔎] 20060728150638.5434.8819.reportbug@localhost>
References: <[🔎] 20060728150638.5434.8819.reportbug@localhost>

On Fri, Jul 28, 2006 at 05:06:38PM +0200, Daniel Leidert wrote:

> The latest release notes [1] of apache 1.3.37, 2.0.59 and 2.2.3 contains a
> note, about an off-by-one flaw (CVE-2006-3747 [2]).
> 
> [1] http://www.apache.org/dist/httpd/Announcement2.2.html
> [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747
> 
> Please check, if the Debian package(s) is/are vulnerable.

  apache + apache2 packages are affected.  DSA in preparation.

  Thanks for the report.

  (Please see also #380182)

Steve
--

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- Bug#380231: [CVE-2006-3747] Off-by-one flaw exists in the Rewrite module, mod_rewrite
  - From: Daniel Leidert <daniel.leidert.spam@gmx.net>

Prev by Date: Bug#380231: [CVE-2006-3747] Off-by-one flaw exists in the Rewrite module, mod_rewrite
Next by Date: Bug#380296: libapache-mod-perl: Apache::Util functions are unavailable outside of requests
Previous by thread: Bug#380231: [CVE-2006-3747] Off-by-one flaw exists in the Rewrite module, mod_rewrite
Next by thread: Bug#380296: libapache-mod-perl: Apache::Util functions are unavailable outside of requests
Index(es):
- Date
- Thread