WEB APPLICATION VULNERABILITIES Standard & Premium

Apache version older than 1.3.37

Description

This alert was generated using only banner information. It may be a false positive.

Security fixes in Apache version 1.3.37:

CVE-2006-3747 (cve.mitre.org) mod_rewrite: Fix an off-by-one security problem in the ldap scheme handling. For some RewriteRules this could lead to a pointer being written out of bounds. Reported by Mark Dowd of McAfee. [Mark Cox]

Affected Apache versions (up to 1.3.36).

Remediation

Upgrade Apache to the latest version.

References

Apache HTTP Server 1.x announcement

Apache homepage

Related Vulnerabilities

Joomla! Core 1.6.x Cross-Site Scripting (1.6.0 - 1.6.6)

WordPress Plugin Slideshow Multiple Cross-Site Scripting Vulnerabilities (2.1.14)

Joomla! Core Security Bypass (2.5.0 - 3.9.16)

WordPress Plugin MAZ Loader-Preloader Builder for WordPress Cross-Site Request Forgery (1.4.0)

WordPress Plugin Gallery-Video Gallery and Youtube Gallery Cross-Site Scripting (1.2.4)

Severity

Medium

Classification

CVE-2006-3747 CWE-189 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update