Twenty Year Anniversary
Showing 1 - 15 of 15 RSS Feed

CVE-2006-3747

Status Candidate

Overview

Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.

Related Files

HP Security Bulletin HPSBOV02683 SSRT090208
Posted May 10, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02683 SSRT090208 - Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. Revision 1 of this advisory.

tags | advisory, web, denial of service, php, vulnerability
advisories | CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010
MD5 | 018c2ab61a3b27c26435b260817377c5
Apache module mod_rewrite LDAP protocol Buffer Overflow
Posted Nov 26, 2009
Authored by patrick | Site metasploit.com

This Metasploit module exploits the mod_rewrite LDAP protocol scheme handling flaw discovered by Mark Dowd, which produces an off-by-one overflow. Apache versions 1.3.29-36, 2.0.47-58, and 2.2.1-2 are vulnerable. This Metasploit module requires REWRITEPATH to be set accurately. In addition, the target must have 'RewriteEngine on' configured, with a specific 'RewriteRule' condition enabled to allow for exploitation. The flaw affects multiple platforms, however this module currently only supports Windows based installations.

tags | exploit, overflow, protocol
systems | windows
advisories | CVE-2006-3747
MD5 | 24ecf483512ef6982eb1b227d15ee15a
apache-mod-rewrite.rb.txt
Posted Jan 7, 2008
Authored by Marcin Kozlowski

Apache mod_rewrite escape_absolute_uri() off-by-one buffer overflow Metasploit exploit module. This affects Apache versions 1.3.28 through 1.3.36, 2.0.46 through 2.0.58, and 2.2.1 through 2.2.2.

tags | exploit, overflow
advisories | CVE-2006-3747
MD5 | e71e56d7bfd5e229f331137228932628
HP Security Bulletin 2006-12.75
Posted Aug 8, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified HP System Management

tags | advisory, vulnerability
advisories | CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-4339, CVE-2006-4343
MD5 | 15f77edb82a22775889e3fe56157dbb0
apache2058-rewrite.txt
Posted May 31, 2007
Authored by fabio/b0x

Apache version 2.0.58 mod_rewrite remote overflow exploit for win32. Binds a shell to port 4445.

tags | exploit, remote, overflow, shell
systems | windows
advisories | CVE-2006-3747
MD5 | d13fe4b22535aa7ea1182a7adefdbf1e
HP Security Bulletin 2006-12.2
Posted Sep 7, 2006
Authored by Hewlett Packard, HP | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, denial of service, or unauthorized access.

tags | advisory, denial of service, arbitrary, vulnerability
systems | hpux
advisories | CVE-2006-3747, CVE-2005-3352, CVE-2005-3357
MD5 | 7060db2e730ca644a55dcccbba488d35
modrewritepoc.txt
Posted Aug 27, 2006
Authored by Jacobo Avariento Gimeno

Proof of concept exploit for the mod_rewrite vulnerability in Apache that makes use of an off by one overflow in the handling of ldap requests.

tags | exploit, overflow, proof of concept
advisories | CVE-2006-3747
MD5 | c73cc24a83f51dea40e84ceedbb4c17c
Debian Linux Security Advisory 1132-1
Posted Aug 17, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1132-1 - Mark Dowd discovered a buffer overflow in the mod_rewrite component of apache, a versatile high-performance HTTP server. In some situations a remote attacker could exploit this to execute arbitary code.

tags | advisory, remote, web, overflow
systems | linux, debian
advisories | CVE-2006-3747
MD5 | 3c651cf28d3daf7a9c44548c12d62ad2
Debian Linux Security Advisory 1131-1
Posted Aug 17, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1131-1 - Mark Dowd discovered a buffer overflow in the mod_rewrite component of apache, a versatile high-performance HTTP server. In some situations a remote attacker could exploit this to execute arbitary code

tags | advisory, remote, web, overflow
systems | linux, debian
advisories | CVE-2006-3747
MD5 | 720c4b8d72e955f0a6941f5d82028cff
Mandriva Linux Security Advisory 2006.133
Posted Aug 3, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-133 - Mark Dowd, of McAffee Avert Labs, discovered a potential remotely exploitable off-by-one flaw in Apache's mod_rewrite ldap scheme handling.

tags | advisory
systems | linux, mandriva
advisories | CVE-2006-3747
MD5 | d7df5a7ebe7243c186818259af0de7e3
SUSE-SA-2006-043.txt
Posted Aug 3, 2006
Site suse.com

SUSE Security Announcement SUSE-SA:2006:043 - The mod_rewrite vulnerability in Apache has been patched.

tags | advisory
systems | linux, suse
advisories | CVE-2005-3352, CVE-2006-3747
MD5 | 79e1816f9929064e5a3eaa8a9ff70568
modrewrite.txt
Posted Aug 3, 2006
Authored by Mark Dowd | Site avertlabs.com

Mod_rewrite is an Apache module that can be used to remap requests based on regular expression matches of the requested URI. A buffer overflow vulnerability exists when dealing with rewritten URI's that are prefixed with the LDAP protocol scheme.

tags | advisory, overflow, protocol
advisories | CVE-2006-3747
MD5 | 7771959086da058fc8bcfb0c2e59cf43
apacheRewrite.txt
Posted Aug 3, 2006
Site apache.org

An off-by-one flaw exists in the Rewrite module, mod_rewrite, as shipped with Apache 1.3 since 1.3.28, 2.0 since 2.0.46, and 2.2 since 2.2.0.

tags | advisory
advisories | CVE-2006-3747
MD5 | 453afd5a9140b8331824e3923dd5ea53
OpenPKG Security Advisory 2006.15
Posted Aug 3, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory OpenPKG-SA-2006.015 - According to a vendor announcement, a vulnerability exists in the mod_rewrite module of the Apache HTTP Server. Depending on the manner in which the Apache HTTP Server was compiled, the software defect may result in a vulnerability which, in combination with certain types of "RewriteRule" directives in the server configuration files, could be triggered remotely.

tags | advisory, web
advisories | CVE-2006-3747
MD5 | 4f82467e78a3854e9693eb086c360e63
Ubuntu Security Notice 328-1
Posted Jul 28, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-328-1 - Mark Dowd discovered an off-by-one buffer overflow in the mod_rewrite module's ldap scheme handling for Apache 2.

tags | advisory, overflow
systems | linux, ubuntu
advisories | CVE-2006-3747
MD5 | f7dfeb500655513bde2fc845015f145e
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

May 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    15 Files
  • 2
    May 2nd
    17 Files
  • 3
    May 3rd
    30 Files
  • 4
    May 4th
    29 Files
  • 5
    May 5th
    2 Files
  • 6
    May 6th
    3 Files
  • 7
    May 7th
    13 Files
  • 8
    May 8th
    27 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    15 Files
  • 11
    May 11th
    8 Files
  • 12
    May 12th
    2 Files
  • 13
    May 13th
    8 Files
  • 14
    May 14th
    7 Files
  • 15
    May 15th
    43 Files
  • 16
    May 16th
    19 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    3 Files
  • 20
    May 20th
    6 Files
  • 21
    May 21st
    1 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close