|
|
|
 |
Vulnerability Note VU#434566Apache mod_rewrite vulnerable to buffer overflow via crafted regular expressionOverviewA vulnerability in a supplementary module to the Apache HTTP server could allow an attacker to execute arbitrary code on an affected web server under certain circumstances.I. DescriptionThe Apache HTTP server distribution includes a number of supplemental modules that provide additional functionality to the web server. One of these modules, mod_rewrite, provides a rule-based rewriting engine to rewrite requested URLs "on the fly" based regular expressions. A buffer overflow has been discovered in the way that mod_rewrite handles regular expressions containing more than 9 captures (stored strings matching a particular pattern). This flaw results in a remotely exploitable vulnerability on web servers that specify such a regular expression to the mod_rewrite module in their configuration files.II. ImpactAn attacker may be able to execute arbitrary code in the context of the web server user (e.g., "apache", "httpd", "nobody", etc.). The attacker would have to have the ability to supply a specially crafted configuration file (e.g., .htaccess or httpd.conf) to the Apache server in order to mount this attack.III. SolutionApply a patch from the vendorPatches have been released to address this vulnerability. Please see the Systems Affected section of this document for more details.
References
The Apache Software Foundation credits André Malo with the discovery of this vulnerability. This document was written by Chad R Dougherty.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Get Adobe Reader