Description
Apache mod_rewrite is prone to an off-by-one buffer-overflow condition. The vulnerability arising in the mod_rewrite module's ldap scheme handling allows for potential memory corruption when an attacker exploits certain rewrite rules.
Affected Apache versions:
- Apache 1.3.28 - 1.3.36 with mod_rewrite
- Apache 2.2.0 - 2.2.2 with mod_rewrite
- Apache 2.0.46 - 2.0.58 with mod_rewrite
Remediation
Upgrade Apache to the latest version.
References
Related Vulnerabilities
WordPress Plugin Disc Golf Manager PHP Object Injection (1.0.0)
Internet Information Services Other Vulnerability (CVE-2002-1182)
MODX Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-25911)
WordPress Plugin Google Captcha (reCAPTCHA) by BestWebSoft Cross-Site Scripting (1.27)