Description

This alert was generated using only banner information. It may be a false positive.

Security fixes in Apache version 1.3.37:
  • CVE-2006-3747 (cve.mitre.org) mod_rewrite: Fix an off-by-one security problem in the ldap scheme handling. For some RewriteRules this could lead to a pointer being written out of bounds. Reported by Mark Dowd of McAfee. [Mark Cox]

Affected Apache versions (up to 1.3.36).

Remediation

Upgrade Apache to the latest version.

References

Apache HTTP Server 1.x announcement

Apache homepage

Related Vulnerabilities

WordPress Plugin Shared Files-Easy Download Manager and File Sharing with Frontend File Upload Cross-Site Scripting (1.6.56)

WordPress 4.9.x Directory Traversal (4.9 - 4.9.25)

WordPress Plugin WP Songbook Cross-Site Scripting (2.0.11)

WordPress Plugin WP Symposium Pro Social Network Cross-Site Scripting (16.01)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4581)

Severity

Medium

Classification

CVE-2006-3747 CWE-189 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Missing Update