Slackware 9.1 Apache Buffer Overflow Advisory: Critical Update
slackware
November 5, 2003
Apache httpd is a hypertext transfer protocol server, and is used by over two thirds of the Internet's web sites
Summary
Here are the details from the Slackware 9.1 ChangeLog: Mon Nov 3 20:06:29 PST 2003 patches/packages/apache-1.3.29-i486-1.tgz: Upgraded to apache-1.3.29. This fixes the following local security issue: o CAN-2003-0542 (cve.mitre.org) Fix buffer overflows in mod_alias and mod_rewrite which occurred if one configured a regular expression with more than 9 captures. This vulnerability requires the attacker to create or modify certain Apache configuration files, and is not a remote hole. However, it could possibly be used to gain additional privileges if access to the Apache administrator account can be gained through some other means. All sites running Apache should upgrade. (* Security fix *) WHERE TO FIND THE NEW PACKAGES: Updated packages for Slackware 8.1: Updated packages for Slackware 9.0: Updated packages for Slackware 9.1: Updated packages for Slackware -current: MD5 SIGNATURES: Slackware 8.1 packages: 1a8190a214c052f0707bd5a6b005a7cd
Read the Full Advisory
Topics Covered
Where Find New Packages
MD5 Signatures
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Installation Instructions
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!