Apache HTTP Server mod_rewrite Vulnerability

Last Update Date: 31 May 2013 16:52 Release Date: 31 May 2013 4218 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Web Servers

TYPE: Web Servers

A vulnerability has been identified in Apache HTTP Server, which can be exploited by malicious people to compromise a vulnerable system.  The "do_rewritelog()" function (modules/mappers/mod_rewrite.c) does not properly handle certain escape sequences when writing to the log file and can be exploited by sending a specially crafted HTTP request. Successful exploitation of this vulnerability may allow execution of arbitrary commands but requires the user to view the log file in a terminal emulator.

Impact

  • Remote Code Execution

System / Technologies affected

  • Apache 2.2.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

IBM WebSphere Portal HTTP Response Splitting Vulnerability

31 May 2013 4137 Views

Next

Cisco NX-OS Nexus 1000v Multiple Vulnerabilies

31 May 2013 4031 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY