Fedora Project Information for VU#395412

Apache mod_rewrite contains off-by-one error in ldap scheme handling

Status

Affected

Vendor Statement

Vendor statement: Fedora Project

Vulnerable

The ability to exploit this issue is dependent on the stack layout for
a particular compiled version of mod_rewrite.  The Fedora project has
analyzed Fedora Core 4 and 5 binaries and determined that these
distributions are vulnerable to this issue.  However this flaw does
not affect a default installation of Fedora Core; users who do not
use, or have not enabled, the Rewrite module are not affected by this
issue.

Updates to correct this issue are available, see
http://fedora.redhat.com/Download/updates.html

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.