Juniper Networks

Signature Detail


Short Name: HTTP:APACHE:REWRITE-OF
Severity: Major
Recommended: No
Recommended Action: Drop
Category: HTTP
Keywords: Apache mod_rewrite Buffer Overflow
Release Date: 2006/10/16
Update Number: 1213
Supported Platforms: idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Apache mod_rewrite Buffer Overflow


This signature detects attempts to exploit a known vulnerability in the Apache mod_rewrite module. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the Apache daemon.

Extended Description

Apache mod_rewrite is prone to an off-by-one buffer-overflow condition. The vulnerability arises in the mod_rewrite module's LDAP scheme handling and can lead to memory corruption when an attacker exploits certain rewrite rules. An attacker may exploit this issue to trigger a denial-of-service condition. Reportedly, arbitrary code execution may be possible as well.

Affected Products

  • Apache_software_foundation apache 1.3.28
  • Apache_software_foundation apache 1.3.29
  • Apache_software_foundation apache 1.3.3
  • Apache_software_foundation apache 1.3.31
  • Apache_software_foundation apache 1.3.32
  • Apache_software_foundation apache 1.3.33
  • Apache_software_foundation apache 1.3.34
  • Apache_software_foundation apache 1.3.35 -Dev
  • Apache_software_foundation apache 1.3.36
  • Apache_software_foundation apache 1.3.4
  • Apache_software_foundation apache 1.3.6
  • Apache_software_foundation apache 1.3.7 -Dev
  • Apache_software_foundation apache 1.3.9
  • Apache_software_foundation apache 2.0.46
  • Apache_software_foundation apache 2.0.47
  • Apache_software_foundation apache 2.0.48
  • Apache_software_foundation apache 2.0.49
  • Apache_software_foundation apache 2.0.50
  • Apache_software_foundation apache 2.0.51
  • Apache_software_foundation apache 2.0.52
  • Apache_software_foundation apache 2.0.53
  • Apache_software_foundation apache 2.0.54
  • Apache_software_foundation apache 2.0.55
  • Apache_software_foundation apache 2.0.56 -Dev
  • Apache_software_foundation apache 2.2.0
  • Apple mac_os_x 10.4.1
  • Apple mac_os_x 10.4.10
  • Apple mac_os_x 10.4.11
  • Apple mac_os_x 10.4.2
  • Apple mac_os_x 10.4.3
  • Apple mac_os_x 10.4.4
  • Apple mac_os_x 10.4.5
  • Apple mac_os_x 10.4.6
  • Apple mac_os_x 10.4.7
  • Apple mac_os_x 10.4.8
  • Apple mac_os_x 10.4.9
  • Apple mac_os_x_server 10.4.1
  • Apple mac_os_x_server 10.4.10
  • Apple mac_os_x_server 10.4.11
  • Apple mac_os_x_server 10.4.2
  • Apple mac_os_x_server 10.4.3
  • Apple mac_os_x_server 10.4.4
  • Apple mac_os_x_server 10.4.5
  • Apple mac_os_x_server 10.4.6
  • Apple mac_os_x_server 10.4.7
  • Apple mac_os_x_server 10.4.8
  • Apple mac_os_x_server 10.4.9
  • Apple mac_os_x_server 10.5
  • Apple mac_os_x_server 10.5.1
  • Apple mac_os_x_server 10.5.2
  • Debian linux 3.1.0
  • Debian linux 3.1.0 Alpha
  • Debian linux 3.1.0 Amd64
  • Debian linux 3.1.0 Arm
  • Debian linux 3.1.0 Hppa
  • Debian linux 3.1.0 Ia-32
  • Debian linux 3.1.0 Ia-64
  • Debian linux 3.1.0 M68k
  • Debian linux 3.1.0 Mips
  • Debian linux 3.1.0 Mipsel
  • Debian linux 3.1.0 Ppc
  • Debian linux 3.1.0 S/390
  • Debian linux 3.1.0 Sparc
  • Gentoo linux
  • Hp hp-ux B.11.00
  • Hp hp-ux B.11.04
  • Hp hp-ux B.11.11
  • Hp hp-ux B.11.23
  • Hp openview_network_node_manager 6.41
  • Hp openview_network_node_manager 7.01
  • Hp openview_network_node_manager 7.51
  • Hp openvms_secure_web_server 1.1
  • Hp openvms_secure_web_server 1.1.0 -1
  • Hp openvms_secure_web_server 1.2.0
  • Hp openvms_secure_web_server 2.1-1
  • Hp system_management_homepage 2.0.0
  • Hp system_management_homepage 2.0.1
  • Hp system_management_homepage 2.0.2
  • Hp system_management_homepage 2.1.0
  • Hp system_management_homepage 2.1.1
  • Hp system_management_homepage 2.1.2
  • Hp system_management_homepage 2.1.3
  • Hp system_management_homepage 2.1.3 .132
  • Hp system_management_homepage 2.1.4
  • Hp system_management_homepage 2.1.5
  • Hp system_management_homepage 2.1.6
  • Hp virtualvault 4.7.0
  • Hp virtualvault A.04.50
  • Hp virtualvault A.04.60
  • Hp virtualvault A.04.70
  • Hp webproxy A.02.00
  • Hp webproxy A.02.10
  • Ibm hardware_management_console_(hmc)_for_iseries 6.0 R1.0
  • Ibm hardware_management_console_(hmc)_for_pseries 6.0 R1.0
  • Ibm http_server 1.3.26 .2
  • Ibm http_server 1.3.28 .1
  • Ibm websphere_application_server 6.0.2
  • Ibm websphere_application_server 6.0.2.1
  • Ibm websphere_application_server 6.0.2.11
  • Ibm websphere_application_server 6.0.2.13
  • Ibm websphere_application_server 6.0.2.3
  • Ibm websphere_application_server 6.0.2.5
  • Ibm websphere_application_server 6.0.2.7
  • Ibm websphere_application_server 6.0.2.9
  • Ibm websphere_application_server 6.1.0
  • Ibm websphere_application_server 6.1.0.1
  • Ibm websphere_application_server 6.1.0.2
  • Mandriva corporate_server 3.0.0
  • Mandriva corporate_server 3.0.0 X86 64
  • Mandriva linux_mandrake 2006.0.0
  • Mandriva linux_mandrake 2006.0.0 X86 64
  • Mandriva multi_network_firewall 2.0.0
  • Openbsd openbsd 3.8
  • Openbsd openbsd 3.9
  • Openpkg openpkg 2.0.0
  • Openpkg openpkg 2.1.0
  • Openpkg openpkg 2.2.0
  • Openpkg openpkg 2.3.0
  • Openpkg openpkg 2.4.0
  • Openpkg openpkg 2.5.0
  • Rpath rpath_linux 1
  • Slackware linux 10.0.0
  • Slackware linux 10.1.0
  • Slackware linux 10.2.0
  • Slackware linux 8.1.0
  • Slackware linux 9.0.0
  • Slackware linux 9.1.0
  • Slackware linux -Current
  • Sun solaris 10 X86
  • Sun solaris 8 Sparc
  • Sun solaris 8 X86
  • Sun solaris 9 Sparc
  • Sun solaris 9 X86
  • Suse linux_enterprise_server_for_s/390 9.0.0
  • Suse linux_enterprise_server_for_s/390
  • Suse linux_personal 10.0.0 OSS
  • Suse linux_personal 10.1
  • Suse linux_personal 9.2.0
  • Suse linux_personal 9.2.0 X86 64
  • Suse linux_personal 9.3.0
  • Suse linux_personal 9.3.0 X86 64
  • Suse linux_professional 10.0.0
  • Suse linux_professional 10.0.0 OSS
  • Suse linux_professional 10.1
  • Suse linux_professional 9.2.0
  • Suse linux_professional 9.2.0 X86 64
  • Suse linux_professional 9.3.0
  • Suse linux_professional 9.3.0 X86 64
  • Suse suse_linux_enterprise_sdk 10
  • Suse suse_linux_enterprise_server 10
  • Suse suse_linux_enterprise_server 9
  • Trustix secure_enterprise_linux 2.0.0
  • Trustix secure_linux 2.2.0
  • Trustix secure_linux 3.0.0
  • Turbolinux appliance_server 2.0
  • Turbolinux home
  • Turbolinux multimedia
  • Turbolinux personal
  • Turbolinux turbolinux 10 F...
  • Turbolinux turbolinux FUJI
  • Turbolinux turbolinux_desktop 10.0.0
  • Turbolinux turbolinux_server 10.0.0
  • Turbolinux turbolinux_server 10.0.0 X86
  • Ubuntu ubuntu_linux 5.0.0 4 Amd64
  • Ubuntu ubuntu_linux 5.0.0 4 I386
  • Ubuntu ubuntu_linux 5.0.0 4 Powerpc
  • Ubuntu ubuntu_linux 5.10.0 Amd64
  • Ubuntu ubuntu_linux 5.10.0 I386
  • Ubuntu ubuntu_linux 5.10.0 Powerpc
  • Ubuntu ubuntu_linux 5.10.0 Sparc
  • Ubuntu ubuntu_linux 6.06 LTS Amd64
  • Ubuntu ubuntu_linux 6.06 LTS I386
  • Ubuntu ubuntu_linux 6.06 LTS Powerpc
  • Ubuntu ubuntu_linux 6.06 LTS Sparc

References

  • BugTraq: 19204
  • CVE: CVE-2006-3747
  • URL: http://www.securityfocus.com/archive/1/443870
  • URL: http://www.kb.cert.org/vuls/id/395412
  • URL: http://www.apache.org/dist/httpd/Announcement2.0.html
  • URL: http://archives.neohapsis.com/archives/bugtraq/2006-07/0514.html

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.