CA ARCserve Backup on Solaris, Tru64, HP-UX, and AIX contains multiple vulnerabilities in the Apache HTTP Server version as shipped with ARCserve Backup. CA has issued updates that contain version 2.0.63 of the Apache HTTP Server to address the vulnerabilities.
d86ddfa32f66c166dab389f1acfc4382cf2d3e171fd0b28f0cb00c76bf5575e6SITIC Vulnerability Advisory - Apache 2.0.x suffers from a buffer overflow when expanding environment variables in configuration files such as .htaccess and httpd.conf. In a setup typical of ISPs, for instance, users are allowed to configure their own public_html directories with .htaccess files, leading to possible privilege escalation.
9477ee2d98ddded93d0d277ed18e737445767878dc13e19f31e74199f9b89739NISCC Vulnerability Advisory 403518/NISCC/APACHE - Two new vulnerabilities have been discovered in Apache. Through the testing of Apache by using the Codenomicon HTTP Test Tool, the ASF Security Team has discovered a bug in the apr-util library, which can lead to arbitrary code execution. SITIC have discovered that Apache suffers from a buffer overflow when expanding environment variables in configuration files such as .htaccess and httpd.conf, leading to possible privilege escalation. These vulnerabilities affect versions 2.0.35 through 2.0.50.
819928722d2c3ee7a440437b80c12521e6cbd9bd15899e997ed85366e5c80461
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed