Gentoo: 200310-04 Moderate: Apache Buffer Overflow Exploit
gentoo
October 31, 2003
A buffer overflow could occur in mod_alias and mod_rewrite when a regular expression with more than 9 captures is configured.
Summary
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
- --------------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200310-04 - ---------------------------------------------------------------------------
GENTOO BUG : 32271 – New ebuild needed for apache-2.0.48 which has 2 security fixes
- ---------------------------------------------------------------------------
Quote from < >:
This version of Apache is principally a bug fix release. A summary of the bug fixes is given at the end of this document. Of particular note is that 2.0.48 addresses two security vulnerabilities:
mod_cgid mishandling of CGI redirect paths could result in CGI output going to the wrong client when a threaded MPM is used. [CAN-2003-0789]
A buffer overflow could occur in mod_alias and mod_rewrite when a regular expression with more than 9 captures is configured. [CAN-2003-0542]
This release is compatible with mo...Read the Full Advisory
Topics Covered
Resolution
References
Availability
style>.gentoo_availability{display:block;}
Concerns
PREVIOUS
NEXT
PACKAGE : net-www/apache
SUMMARY : buffer overflow
DATE : Fri Oct 31 07:59:00 UTC 2003
EXPLOIT : local
VERSIONS AFFECTED : =apache-2.0.48
CVE : CAN-2003-0789 CAN-2003-0542
Topics Covered
Background
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Affected Packages
Impact
Workaround
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!