[apache2 0005142]: Security issues

Mantis Bug Tracker via bug-notifications bug-notifications at lists.opencsw.org
Mon Feb 3 13:18:16 CET 2014


The following issue has been ASSIGNED. 
====================================================================== 
https://www.opencsw.org/mantis/view.php?id=5142 
====================================================================== 
Reported By:                burger99
Assigned To:                dam
====================================================================== 
Project:                    apache2
Issue ID:                   5142
Category:                   upgrade
Reproducibility:            N/A
Severity:                   minor
Priority:                   normal
Status:                     assigned
====================================================================== 
Date Submitted:             2014-01-20 13:00 CET
Last Modified:              2014-02-03 13:18 CET
====================================================================== 
Summary:                    Security issues
Description: 
mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x
before 2.2.25 writes data to a log file without sanitizing non-printable
characters, which might allow remote attackers to execute arbitrary
commands via an HTTP request containing an escape sequence for a terminal
emulator.

Newest version available is 2.2.26
======================================================================



More information about the bug-notifications mailing list