Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 591
Alerts This Week
Warning Icon 1 591

Gentoo: GLSA-200610-12 High: Apache Mod_Tcl Remote Code Execution

gentoo
Calendar Grey October 24, 2006
Dist Gentoo Esm H88
The use of mod_tcl with Apache on Gentoo Linux reveals a serious format string vulnerability that could allow for remote code execution. Immediate updates are recommended.
A format string vulnerabilty has been found in Apache mod_tcl, which could lead to the remote execution of arbitrary code.

Summary

Gentoo Linux Security Advisory GLSA 200610-12 https://security.gentoo.org/ Severity: High Title: Apache mod_tcl: Format string vulnerability Date: October 24, 2006 Bugs: #151359 ID: 200610-12

Synopsis ======= A format string vulnerabilty has been found in Apache mod_tcl, which could lead to the remote execution of arbitrary code.
Background ========= Apache mod_tcl is a TCL interpreting module for the Apache 2.x web server.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-apache/mod_tcl < 1.0.1 >= 1.0.1
========== Sparfell discovered format string errors in calls to the set_var function in tcl_cmds.c and tcl_core.c.
Impact ===== A remote attacker could...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround