DOCUMENTATION

Views

Search

Toolbox

Advisories:rPSA-2006-0139

From rPath Wiki

Jump to: navigation, search

rPath Security Advisory 2006-0139-1

Published: 2006-07-28

Products

rPath Linux 1

Rating

Major

Exposure Level Classification

Remote System User Deterministic Unauthorized Access

Updated Versions

httpd=conary.rpath.com@rpl:1/2.0.59-0.1-1
mod_ssl=conary.rpath.com@rpl:1/2.0.59-0.1-1

rPath Issue Tracking System

RPL-538

References

CVE-2006-3747

Description

Previous versions of the httpd package contain a vulnerability in

the mod_rewrite module. In some configurations, this vulnerability

provides a remote attacker an opportunity to run arbitrary code as

the httpd user. The default configuration of the httpd package

is not not vulnerable to this attack because it does not provide

any mod_rewrite rules that would enable the vulnerability.

Copyright 2006 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html

Retrieved from "http://wiki.rpath.com/wiki/Advisories:rPSA-2006-0139"

Categories: Support Issue | Advisories