|
Multiple Mod_Gzip Debug Mode Vulnerabilities
Mod_gzip is reported prone to a stack overflow, format string vulnerability and a file corruption issue due to a predictable naming scheme for log files. Exploitation of these issues could result in execution of malicious instructions or corruption of critical or sensitive files. These issues reportedly only occur when the software is run in debug mode. ** The m00-mod_gzip.c exploit is malicious in nature and has been removed from this BID. |
|
|
Privacy Statement |
