Apache mod_tcl Remote Format String Vulnerability
Publish Date: 21 luglio 2015
Gravità: : Medio
Identificatori CVE: CVE-2006-4154
Data notifica: 21 luglio 2015
Descrizione
Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.
Informazioni esposizione:
This vulnerability is addressed in the following Apache module update:
mod_tcl 1.0.1
Soluzioni
Trend Micro Deep Security DPI Rule Number: 1000853
Trend Micro Deep Security DPI Rule Name: 1000853 - Apache mod_tcl Module Format String Vulnerability
Software e versione interessati:
- Apache Software Foundation Apache HTTP Server 2.0
- Apache Software Foundation Apache HTTP Server 2.0 a9
- Apache Software Foundation Apache HTTP Server 2.0.28
- Apache Software Foundation Apache HTTP Server 2.0.28 Beta
- Apache Software Foundation Apache HTTP Server 2.0.28-BETA win32
- Apache Software Foundation Apache HTTP Server 2.0.32
- Apache Software Foundation Apache HTTP Server 2.0.32-BETA win32
- Apache Software Foundation Apache HTTP Server 2.0.34-BETA win32
- Apache Software Foundation Apache HTTP Server 2.0.35
- Apache Software Foundation Apache HTTP Server 2.0.36
- Apache Software Foundation Apache HTTP Server 2.0.37
- Apache Software Foundation Apache HTTP Server 2.0.38
- Apache Software Foundation Apache HTTP Server 2.0.39
- Apache Software Foundation Apache HTTP Server 2.0.40
- Apache Software Foundation Apache HTTP Server 2.0.41
- Apache Software Foundation Apache HTTP Server 2.0.42
- Apache Software Foundation Apache HTTP Server 2.0.43
- Apache Software Foundation Apache HTTP Server 2.0.44
- Apache Software Foundation Apache HTTP Server 2.0.45