Apache mod_tcl Remote Format String Vulnerability
Schweregrad: : Medium
Identificador(es) CVE: : CVE-2006-4154
Data do informe: 21 julho 2015
Descrição
Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.
Exposição das informações
This vulnerability is addressed in the following Apache module update:
mod_tcl 1.0.1
Solução
Trend Micro Deep Security DPI Rule Number: 1000853
Trend Micro Deep Security DPI Rule Name: 1000853 - Apache mod_tcl Module Format String Vulnerability
Software infectado e versão:
- Apache Software Foundation Apache HTTP Server 2.0
- Apache Software Foundation Apache HTTP Server 2.0 a9
- Apache Software Foundation Apache HTTP Server 2.0.28
- Apache Software Foundation Apache HTTP Server 2.0.28 Beta
- Apache Software Foundation Apache HTTP Server 2.0.28-BETA win32
- Apache Software Foundation Apache HTTP Server 2.0.32
- Apache Software Foundation Apache HTTP Server 2.0.32-BETA win32
- Apache Software Foundation Apache HTTP Server 2.0.34-BETA win32
- Apache Software Foundation Apache HTTP Server 2.0.35
- Apache Software Foundation Apache HTTP Server 2.0.36
- Apache Software Foundation Apache HTTP Server 2.0.37
- Apache Software Foundation Apache HTTP Server 2.0.38
- Apache Software Foundation Apache HTTP Server 2.0.39
- Apache Software Foundation Apache HTTP Server 2.0.40
- Apache Software Foundation Apache HTTP Server 2.0.41
- Apache Software Foundation Apache HTTP Server 2.0.42
- Apache Software Foundation Apache HTTP Server 2.0.43
- Apache Software Foundation Apache HTTP Server 2.0.44
- Apache Software Foundation Apache HTTP Server 2.0.45