Red Hat Bugzilla – Bug 110328
CAN-2003-0542 local buffer overflow in config file parsing
Last modified: 2007-11-30 17:06:53 EST
CAN-2003-0542 affects 1.3.27
Multiple stack-based buffer overflows in (1) mod_alias and (2)
mod_rewrite for Apache before 1.3.29 allow attackers to can create
configuration files to cause a denial of service (crash) or execute
arbitrary code via a regular expression with more than 9 captures.
This issue affects the apache package shipped with all variants of Red
Hat Enterprise Linux 2.1.
An errata has been issued which should help the problem described in this bug report.
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen
this bug report if the solution does not work for you.