Description

This alert was generated using only banner information. It may be a false positive.

Security fixes in Apache version 1.3.37:
  • CVE-2006-3747 (cve.mitre.org) mod_rewrite: Fix an off-by-one security problem in the ldap scheme handling. For some RewriteRules this could lead to a pointer being written out of bounds. Reported by Mark Dowd of McAfee. [Mark Cox]

Affected Apache versions (up to 1.3.36).

Remediation

Upgrade Apache to the latest version.

References

Apache HTTP Server 1.x announcement

Apache homepage

Related Vulnerabilities

WordPress Plugin MobileView by ColorLabs & Company Cross-Site Scripting (1.0.7)

WordPress Plugin CWIS-Antivirus Security Scanner Unspecified Vulnerability (2.3.2)

WordPress Plugin GD Star Rating 'tpl_section' Parameter Cross-Site Scripting (1.9.16)

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.3.17)

WordPress Plugin bbPress Cross-Site Scripting (2.5.8)

Severity

Medium

Classification

CVE-2006-3747 CWE-189 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update