Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and previous versions, and possibly later official versions, when running in debug mode and using the Apache log, allows remote malicious users to execute arbitrary code via format string characters in an HTTP GET request with an "Accept-Encoding: gzip" header.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dag apt repository mod gzip |