Apache.mod_rewrite.LDAP.Scheme.Buffer.Overflow

description-logoDescription

Apache mod_rewrite has an off-by-one buffer overflow vulnerability. A remote attacker could cause a denial of service (application crash) and possibly execute arbitrary code using crafted URLs with certain rewrite rules that are not properly handled.

affected-products-logoAffected Products

Apache versions 1.3.28 through 1.3.36
Apache versions 2.0.46 through 2.0.58
Apache versions 2.2.0 through 2.2.2

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to the latest version, available from Web site:
http://httpd.apache.org/download.cgi

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)