Apache mod_tcl Remote Format String Vulnerability
2015年7月21日
危険度: 中
CVE識別番号: CVE-2006-4154
情報公開日: 7 21, 2015
概要
Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.
トレンドマイクロの対策
This vulnerability is addressed in the following Apache module update:
mod_tcl 1.0.1
対応方法
Trend Micro Deep Security DPI Rule Number: 1000853
Trend Micro Deep Security DPI Rule Name: 1000853 - Apache mod_tcl Module Format String Vulnerability
影響を受けるソフトウェア
- Apache Software Foundation Apache HTTP Server 2.0
- Apache Software Foundation Apache HTTP Server 2.0 a9
- Apache Software Foundation Apache HTTP Server 2.0.28
- Apache Software Foundation Apache HTTP Server 2.0.28 Beta
- Apache Software Foundation Apache HTTP Server 2.0.28-BETA win32
- Apache Software Foundation Apache HTTP Server 2.0.32
- Apache Software Foundation Apache HTTP Server 2.0.32-BETA win32
- Apache Software Foundation Apache HTTP Server 2.0.34-BETA win32
- Apache Software Foundation Apache HTTP Server 2.0.35
- Apache Software Foundation Apache HTTP Server 2.0.36
- Apache Software Foundation Apache HTTP Server 2.0.37
- Apache Software Foundation Apache HTTP Server 2.0.38
- Apache Software Foundation Apache HTTP Server 2.0.39
- Apache Software Foundation Apache HTTP Server 2.0.40
- Apache Software Foundation Apache HTTP Server 2.0.41
- Apache Software Foundation Apache HTTP Server 2.0.42
- Apache Software Foundation Apache HTTP Server 2.0.43
- Apache Software Foundation Apache HTTP Server 2.0.44
- Apache Software Foundation Apache HTTP Server 2.0.45