Apache HTTP Server mod_rewrite Module LDAP Scheme handling Buffer Overflow
Data de publicação: 21 julho 2015
Schweregrad: : Alto
Identificador(es) CVE: : CVE-2006-3747
Data do informe: 21 julho 2015
Descrição
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
Exposição das informações
Apply associated Trend Micro DPI Rules.
Solução
Trend Micro Deep Security DPI Rule Number: 1000721
Trend Micro Deep Security DPI Rule Name: 1000721 - Apache HTTP Server mod_rewrite Module LDAP Scheme handling Buffer Overflow
Software infectado e versão:
- Apache Software Foundation Apache HTTP Server 1.3.28
- Apache Software Foundation Apache HTTP Server 1.3.29
- Apache Software Foundation Apache HTTP Server 1.3.3
- Apache Software Foundation Apache HTTP Server 1.3.30
- Apache Software Foundation Apache HTTP Server 1.3.31
- Apache Software Foundation Apache HTTP Server 1.3.32
- Apache Software Foundation Apache HTTP Server 1.3.33
- Apache Software Foundation Apache HTTP Server 1.3.4
- Apache Software Foundation Apache HTTP Server 1.3.5
- Apache Software Foundation Apache HTTP Server 1.3.6
- Apache Software Foundation Apache HTTP Server 1.3.7
- Apache Software Foundation Apache HTTP Server 1.3.8
- Apache Software Foundation Apache HTTP Server 1.3.9
- Apache Software Foundation Apache HTTP Server 2.0.46
- Apache Software Foundation Apache HTTP Server 2.0.47
- Apache Software Foundation Apache HTTP Server 2.0.48
- Apache Software Foundation Apache HTTP Server 2.0.49
- Apache Software Foundation Apache HTTP Server 2.0.50
- Apache Software Foundation Apache HTTP Server 2.0.51
- Apache Software Foundation Apache HTTP Server 2.0.52
- Apache Software Foundation Apache HTTP Server 2.0.53
- Apache Software Foundation Apache HTTP Server 2.0.54
- Apache Software Foundation Apache HTTP Server 2.0.55
- Apache Software Foundation Apache HTTP Server 2.0.56
- Apache Software Foundation Apache HTTP Server 2.0.57
- Apache Software Foundation Apache HTTP Server 2.0.58
- Ubuntu Ubuntu Linux 5.04
- Ubuntu Ubuntu Linux 5.10
- Ubuntu Ubuntu Linux 6.06 LTS