-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory                            The OpenPKG Project
http://www.openpkg.org/security/                  http://www.openpkg.org
openpkg-security@openpkg.org                         openpkg@openpkg.org
OpenPKG-SA-2006.015                                          28-Jul-2006
________________________________________________________________________

Package:             apache, apache2
Vulnerability:       denial of service, arbitrary code execution
OpenPKG Specific:    no

Affected Releases:   Affected Packages:           Corrected Packages:
OpenPKG CURRENT      <= apache-1.3.36-20060720    >= apache-1.3.37-20060728
                     <= apache2-2.2.2-20060622    >= apache2-2.2.3-20060728
OpenPKG 2-STABLE     <= apache-1.3.36-2.20060627  >= apache-1.3.37-2.20060728
                     <= apache2-2.2.2-2.20060622  >= apache2-2.2.3-2.20060728
OpenPKG 2.5-RELEASE  <= apache-1.3.33-2.5.5       >= apache-1.3.33-2.5.6

Description:
  According to a vendor announcement [0], a vulnerability exists in the
  mod_rewrite module of the Apache HTTP Server [1]. Depending on the
  manner in which the Apache HTTP Server was compiled, the software
  defect may result in a vulnerability which, in combination with
  certain types of "RewriteRule" directives in the server configuration
  files, could be triggered remotely. The nature of the vulnerability
  can be Denial of Service (DoS) or potentially allow arbitrary code
  execution.

  This issue only affects installations using a "RewriteRule" with the
  following characteristics: it allows the attacker to control the
  initial part of the rewritten URL (for example if the substitution
  URL starts with "$1") or the RewriteRule flags do NOT include any of
  the flags Forbidden (F), Gone (G), or NoEscape (NE).

  This issue has been rated as having important security impact by
  the Apache HTTP Server Security Team. The Common Vulnerabilities and
  Exposures (CVE) project assigned the id CVE-2006-3747 [2] to the
  problem.
________________________________________________________________________

References:
  [0] http://www.apache.org/dist/httpd/Announcement2.2.html
  [1] http://httpd.apache.org/
  [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747
________________________________________________________________________

For security reasons, this advisory was digitally signed with the
OpenPGP public key "OpenPKG " (ID 63C4CB9F) of the OpenPKG project
which you can retrieve from http://pgp.openpkg.org and
hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org
for details on how to verify the integrity of this advisory.
________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Comment: OpenPKG

iD8DBQFEya5QgHWT4GPEy58RAlnmAJ9BRCY8f+VXa2iLoqR6EwVCMfZ6dQCfWkX8
2wVANo5dtnNsdNv7lPsEp48=
=AlYu
-----END PGP SIGNATURE-----
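
Added example, not part of the OpenPKG advisory or of Apache's code: a small configuration audit that reports, for each "RewriteRule" directive, the two characteristics named in the Description above. The function names, the sample configuration and the rule that "starts with $N" marks a request-controlled prefix are assumptions made for this example.

```python
import re
# Flags named in the advisory: Forbidden (F), Gone (G), NoEscape (NE).
EXEMPTING_FLAGS = {"F", "FORBIDDEN", "G", "GONE", "NE", "NOESCAPE"}
TOKEN = re.compile(r'"(?:[^"\\]|\\.)*"|\S+')

def logical_lines(text):
    """Yield (first_line_number, text) with backslash continuations joined."""
    buf, start = "", None
    for n, raw in enumerate(text.splitlines(), 1):
        start = start or n
        if raw.endswith("\\"):
            buf += raw[:-1] + " "
            continue
        yield start, buf + raw
        buf, start = "", None

def audit(text):
    """Return one finding per RewriteRule with both advisory characteristics."""
    findings = []
    for n, line in logical_lines(text):
        tokens = [t.strip('"') for t in TOKEN.findall(line)]
        if len(tokens) < 3 or tokens[0].lower() != "rewriterule":
            continue  # comments and other directives are skipped
        subst = tokens[2]
        flags = set()
        if len(tokens) > 3 and tokens[3].startswith("["):
            flags = {f.split("=")[0].strip().upper()
                     for f in tokens[3].strip("[]").split(",")}
        findings.append({
            "line": n,
            "substitution": subst,
            # Assumption taken from the advisory's example ("starts with $1").
            "prefix_from_request": re.match(r"\$\d", subst) is not None,
            "no_f_g_ne_flag": not (flags & EXEMPTING_FLAGS),
        })
    return findings

# Constructed sample configuration, not taken from any real server.
SAMPLE = """\
RewriteEngine On
# comment: RewriteRule ^/x $1
RewriteRule ^/go/(.*)$ $1 [R,L]
RewriteRule ^/old/(.*)$ /new/$1 [R=301,L]
RewriteRule "^/ext/(.*)$" "$1" [R,NE]
RewriteRule ^/secret - [F]
"""

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

The audit only narrows down which rules to review; upgrading to the corrected packages listed in the advisory is the fix.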