Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a and previous versions, and possibly later official versions, when running in debug mode, allows remote malicious users to execute arbitrary code via a long filename in a GET request with an "Accept-Encoding: gzip" header.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dag apt repository mod gzip 1.3.26.1a |