On Tuesday 11 September 2007, Stefan Fritsch wrote: > On Tuesday 11 September 2007, Ramon Garcia Fernandez wrote: > > Although it is disclosed as a denial of service, it seems > > to involve a buffer overflow, and thus allow remote code > > execution under the apache account. I can confim, from > > attacks in systems of a customer, that this is actually the case. > > This is a buffer over-read [1]. With some crafted header, apache > will read beyond the end of the header, possibly into a region > where no memory is allocated. This would result in a segmentation > fault and crash of the process. To clarify further: This does not allow to execute arbitrary code. If you had an intrusion you should look for another vulnerability. Cheers, Stefan
Attachment:
signature.asc
Description: This is a digitally signed message part.