Apache mod_include Local Buffer Overflow Vulnerability

Apache mod_include Local Buffer Overflow Vulnerability

References:

Apache 1.3.x ChangeLog (Apache Software Foundation)
Apache 1.3.x Latest Release Information Page (Apache Software Foundation)
Apache Homepage (Apache Software Foundation)
Apache mod_include Page (Apache Software Foundation)
ASA-2005-010_RHSA-2004-600 (Avaya)
HPSBUX01098 ApacheStrong remote Denial of Service or arbitrary code execution (HP)
HPSBUX01113 Apache 1.3 on VirtualVault potential remote Denial of Service (DoS) (HP)
Overview of security vulnerabilities in Apache httpd 1.3 (ApacheWeek)
PK05084: CAN-2004-0940 Possible denial of service with mod_include (IBM)
RHSA-2004:600-12 - Updated apache and mod_ssl packages fix security vulnerabilit (RedHat)
RHSA-2005:816-10 - apache, mod_ssl, php update for Stronghold (RedHat)
Sun Alert ID: 102197 (Sun)

Privacy Statement
Copyright 2010, SecurityFocus