Check Point Advisories

Update Protection against Apache LDAP HTTP Server Buffer Overflow Vulnerability

Check Point Reference: CPAI-2006-106
Date Published: 12 Sep 2006
Severity: High
Last Updated: Tuesday 15 May, 2007
Source: FrSIRT/ADV-2006-3017
Industry Reference:CVE-2006-3747
Protection Provided by:
Who is Vulnerable? Apache versions 1.3.28 through 1.3.36
Apache versions 2.0.46 through 2.0.58
Apache versions 2.2.0 through 2.2.2
Vulnerability Description A vulnerability exists in Apache HTTP Server. Attackers can trigger this vulnerability via crafted URLs that are not properly handled using certain Rewrite rules. This issue only affects installations using Rewrite rules with specific characteristics. This flaw allows attackers to cause denial of service and possibly to execute arbitrary code.
Update/Patch AvaliableUpgrade to Apache version 1.3.37, 2.0.59, or 2.2.3 :
http://httpd.apache.org/download.cgi
Vulnerability DetailsThis vulnerability is due to a buffer overflow error in the Rewrite module, mod_rewrite function when processing a specially crafted LDAP URI. Successful exploitation could reportedly result in remote code execution on the vulnerable server or in the crashing of web server processes.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK