[apache2 0005142]: Security issues
Mantis Bug Tracker via bug-notifications
bug-notifications at lists.opencsw.org
Sat Feb 22 11:38:07 CET 2014
The following issue has been CLOSED
======================================================================
https://www.opencsw.org/mantis/view.php?id=5142
======================================================================
Reported By: burger99
Assigned To: dam
======================================================================
Project: apache2
Issue ID: 5142
Category: upgrade
Reproducibility: N/A
Severity: minor
Priority: normal
Status: closed
Resolution: open
Fixed in Version:
======================================================================
Date Submitted: 2014-01-20 13:00 CET
Last Modified: 2014-02-22 11:38 CET
======================================================================
Summary: Security issues
Description:
mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x
before 2.2.25 writes data to a log file without sanitizing non-printable
characters, which might allow remote attackers to execute arbitrary
commands via an HTTP request containing an escape sequence for a terminal
emulator.
Newest version available is 2.2.26
======================================================================
----------------------------------------------------------------------
(0010730) dam (administrator) - 2014-02-22 11:38
https://www.opencsw.org/mantis/view.php?id=5142#c10730
----------------------------------------------------------------------
Apache 2.2.26,REV=2014.02.07 has been pushed to unstable/.
More information about the bug-notifications
mailing list