[apache2 0005142]: Security issues

Mantis Bug Tracker via bug-notifications bug-notifications at lists.opencsw.org
Mon Jan 20 13:00:34 CET 2014


The following issue has been SUBMITTED. 
====================================================================== 
https://www.opencsw.org/mantis/view.php?id=5142 
====================================================================== 
Reported By:                burger99
Assigned To:                
====================================================================== 
Project:                    apache2
Issue ID:                   5142
Category:                   upgrade
Reproducibility:            N/A
Severity:                   minor
Priority:                   normal
Status:                     new
====================================================================== 
Date Submitted:             2014-01-20 13:00 CET
Last Modified:              2014-01-20 13:00 CET
====================================================================== 
Summary:                    Security issues
Description: 
mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x
before 2.2.25 writes data to a log file without sanitizing non-printable
characters, which might allow remote attackers to execute arbitrary
commands via an HTTP request containing an escape sequence for a terminal
emulator.

Newest version available is 2.2.26
======================================================================



More information about the bug-notifications mailing list