06.31.33 CVE: CVE-2006-3747 Platform: Cross Platform Title: Apache Mod_Rewrite Off-By-One Buffer Overflow Description: Apache's mod_rewrite is a rule-based rewriting engine which rewrites requested URLs for the Apache web server. It is prone to a buffer overflow condition that presents itself on a system with the active configuration "RewriteEngine on". Versions 2.0.53-55 and prior to 1.3.35 are reported as vulnerable. Ref: http://www.kb.cert.org/vuls/id/395412
This was fixed for FC4, but appears still an issue for FC3.
However, RHEL bug #200219 says RHEL3 and RHEL4 are not actually vulnerable. That is almost certainly the case for FC3 as well. Can someone confirm?
Fedora Core 3 is now completely unmaintained. These bugs can't be fixed in that version. If the issue still persists in current Fedora Core, please reopen. Thank you, and sorry about this.