Fedora Project Information for VU#395412

Apache mod_rewrite contains off-by-one error in ldap scheme handling



Vendor Statement

Vendor statement: Fedora Project


The ability to exploit this issue is dependent on the stack layout for
a particular compiled version of mod_rewrite.  The Fedora project has
analyzed Fedora Core 4 and 5 binaries and determined that these
distributions are vulnerable to this issue.  However this flaw does
not affect a default installation of Fedora Core; users who do not
use, or have not enabled, the Rewrite module are not affected by this

Updates to correct this issue are available, see

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.