Contributed by sean on from the patching the apache dept.
Patch your webservers! I was at first not really aware that this issue includes OpenBSD httpd.
From Secunias advisory: [SA21197] Apache mod_rewrite Off-By-One Buffer Overflow Vulnerability
The vulnerability is caused by a off-by-one error in mod_rewrite and
can be exploited to cause a one-byte buffer overflow.
Successful exploitation may crash the web server process or allow
execution of arbitrary code. However, this depends on the manner
which Apache HTTP Server was compiled and also requires the
- Certain types of Rewrite rules are used where the beginning of the rewritten URL is controlled.
- The RewriteRule flags do not include the Forbidden (F), Gone (G),
or NoEscape (NE) flag.
The vulnerability affects Apache 1.3 since 1.3.28, 2.0 since 2.0.46, and 2.2 since 2.2.0.
Patch is availble (link for 3.9 posted below):
(Comments are closed)