DescriptionOff-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
|National Vulnerability Database|
- SUSE-SA:2006:043, published Fri, 28 Jul 2006 17:00:00 +0000
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE Linux Enterprise Server 11 SP1|| |
|SUSE Linux Enterprise Server 11 SP2|| |
|SUSE Linux Enterprise Server 11 SP3|| |
|SUSE Linux Enterprise Server 11 SP4|| |
|SUSE Linux Enterprise Software Development Kit 11 SP4|| |
|openSUSE Tumbleweed|| ||Patchnames: |
openSUSE Tumbleweed GA apache2-2.4.49-1.1