Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions prior to 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache http server |
||
canonical ubuntu linux 5.04 |
||
canonical ubuntu linux 5.10 |
||
canonical ubuntu linux 6.06 |
||
debian debian linux 3.1 |