Re: Apache 1.3.33
Changes with Apache 1.3.37
*) SECURITY: CVE-2006-3747 (cve.mitre.org)
mod_rewrite: Fix an off-by-one security problem in the ldap scheme
handling. For some RewriteRules this could lead to a pointer being
written out of bounds. Reported by Mark Dowd of McAfee.
[Mark Cox]
Changes with Apache 1.3.36
*) Reverted SVN rev #396294 due to unwanted regression.
The new feature introduced in 1.3.35 (Allow usage of the
"Include" configuration directive within previously "Include"d
files) has been removed in the meantime.
(http://svn.apache.org/viewcvs?rev=396294&view=rev)
Changes with Apache 1.3.35
*) SECURITY: CVE-2005-3352 (cve.mitre.org)
mod_imap: Escape untrusted referer header before outputting in HTML
to avoid potential cross-site scripting. Change also made to
ap_escape_html so we escape quotes. Reported by JPCERT.
[Mark Cox]
*) core: Allow usage of the "Include" configuration directive within
previously "Include"d files. [Colm MacCarthaigh]
*) HTML-escape the Expect error message. Not classed as security as
an attacker has no way to influence the Expect header a victim will
send to a target site. Reported by Thiago Zaninotti
<thiango nstalker.com>. [Mark Cox]
*) mod_cgi: Remove block on OPTIONS method so that scripts can
respond to OPTIONS directly rather than via server default.
[Roy Fielding] PR 15242
Changes with Apache 1.3.34
*) hsregex: fix potential core dumping on 64 bit machines, such as
AMD64. PR 31858. [Glenn Strauss < gs-apache-dev gluelogic.com>]
*) SECURITY: core: If a request contains both Transfer-Encoding and
Content-Length headers, remove the Content-Length, mitigating some
HTTP Request Splitting/Spoofing attacks. This has no impact on
mod_proxy_http, yet affects any module which supports chunked
encoding yet fails to prefer T-E: chunked over the Content-Length
purported value. [Paul Querna, Joe Orton]
*) Added TraceEnable [on|off|extended] per-server directive to alter
the behavior of the TRACE method. This addresses a flaw in proxy
conformance to RFC 2616 - previously the proxy server would accept
a TRACE request body although the RFC prohibited it. The default
remains 'TraceEnable on'.
[William Rowe]
*) mod_digest: Fix another nonce string calculation issue.
[Eric Covener]
On 5/28/07, Carlos Augusto Beltrame <zebacking@yahoo.com.br> wrote:
Ola pessoal, voces poderiam me informar quais as vulnerabilidades criticas
do servidor apache na versao 1.3.33
*=================================
.''`. Yours Trully
: :' : Carlos Beltrame
`. `'` Eletrical Engineer
`- IEEE #80472763
Linux User #442225
UNESP - Câmpus de Ilha Solteira
http://www.ieee.org/unesp-ilha
http://www.ldc.feis.unesp.br
*=================================
__________________________________________________
Fale com seus amigos de graça com o novo Yahoo! Messenger
http://br.messenger.yahoo.com/
Reply to:
- References:
- Apache 1.3.33
- From: Carlos Augusto Beltrame <zebacking@yahoo.com.br>