Apache Mod ReWrite Rules Bypassing Image Linking Vulnerability
|
Bugtraq ID:
|
3176
|
|
Class:
|
Access Validation Error
|
|
CVE:
|
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Aug 12 2001 12:00AM
|
|
Updated:
|
Aug 12 2001 12:00AM
|
|
Credit:
|
This vulnerability was discovered by Jeff Workman <jworkman@pimpworks.org>, and announced to the Bugtraq mailing list on August 12, 2001.
|
|
Vulnerable:
|
IBM HTTP Server 1.3.19
-
HP HP-UX 11.0
-
IBM AIX 4.3.3
-
Microsoft Windows NT 4.0 SP6a
-
Microsoft Windows NT 4.0 SP5
-
Microsoft Windows NT 4.0 SP4
-
Redhat Linux 7.1
-
Sun Solaris 7.0
-
Sun Solaris 2.6
-
SuSE Linux 7.1
Apache Apache 1.3.20
-
HP HP-UX 11.22
-
HP HP-UX 11.20
+
MandrakeSoft Single Network Firewall 7.2
+
SGI IRIX 6.5.18
+
SGI IRIX 6.5.17
+
SGI IRIX 6.5.16
+
SGI IRIX 6.5.15
+
SGI IRIX 6.5.14 m
+
SGI IRIX 6.5.14 f
+
SGI IRIX 6.5.14
+
SGI IRIX 6.5.13 m
+
SGI IRIX 6.5.13 f
+
SGI IRIX 6.5.13
+
SGI IRIX 6.5.12 m
+
SGI IRIX 6.5.12 f
+
SGI IRIX 6.5.12
+
Slackware Linux 8.0
+
Sun Cobalt Control Station 4100CS
+
Sun Cobalt RaQ 550
+
Sun Solaris 9_x86 Update 2
+
Sun Solaris 9_x86
+
Sun Solaris 9
+
Sun SunOS 5.9 _x86
+
Sun SunOS 5.9
+
SuSE Linux 7.3 sparc
+
SuSE Linux 7.3 ppc
+
SuSE Linux 7.3 i386
+
SuSE Linux 7.3
Apache Apache 1.3.19
-
Apple Mac OS X 10.0.3
-
Caldera OpenLinux 2.4
+
Debian Linux 2.3
-
Digital (Compaq) TRU64/DIGITAL UNIX 5.0
-
Digital (Compaq) TRU64/DIGITAL UNIX 4.0 g
-
Digital (Compaq) TRU64/DIGITAL UNIX 4.0 f
+
EnGarde Secure Linux 1.0.1
-
FreeBSD FreeBSD 4.2
-
FreeBSD FreeBSD 3.5.1
-
HP HP-UX 11.11
-
HP HP-UX 11.0 4
-
HP HP-UX 11.0
-
HP HP-UX 10.20
+
HP Secure OS software for Linux 1.0
-
HP VirtualVault 4.5
+
Mandriva Linux Mandrake 8.1
-
Mandriva Linux Mandrake 8.0
-
Mandriva Linux Mandrake 7.2
-
Mandriva Linux Mandrake 7.1
-
NetBSD NetBSD 1.5.1
-
NetBSD NetBSD 1.5
+
OpenBSD OpenBSD 2.9
-
OpenBSD OpenBSD 2.8
+
OpenBSD OpenBSD 3.0
-
Redhat Linux 7.1
-
Redhat Linux 7.0
-
Redhat Linux 6.2
-
SCO eDesktop 2.4
-
SCO eServer 2.3.1
-
SGI IRIX 6.5.9
-
SGI IRIX 6.5.8
-
Sun Solaris 8_sparc
-
Sun Solaris 7.0
+
SuSE Linux 7.2 i386
+
SuSE Linux 7.2
+
SuSE Linux 7.1 x86
+
SuSE Linux 7.1 sparc
+
SuSE Linux 7.1 ppc
+
SuSE Linux 7.1 alpha
+
SuSE Linux 7.1
+
SuSE Linux 7.0 sparc
+
SuSE Linux 7.0 ppc
+
SuSE Linux 7.0 i386
+
SuSE Linux 7.0 alpha
+
SuSE Linux 7.0
+
SuSE Linux 6.4 ppc
+
SuSE Linux 6.4 i386
+
SuSE Linux 6.4 alpha
+
SuSE Linux 6.4
Apache Apache 1.3.17
+
MandrakeSoft Corporate Server 1.0.1
+
Mandriva Linux Mandrake 8.0 ppc
+
Mandriva Linux Mandrake 8.0
+
OpenBSD OpenBSD 2.8
+
SuSE Linux 7.1
Apache Apache 1.3.14
+
EnGarde Secure Linux 1.0.1
-
MandrakeSoft Single Network Firewall 7.2
+
Mandriva Linux Mandrake 7.2
+
Mandriva Linux Mandrake 7.1
+
SGI IRIX 6.5.11
+
SGI IRIX 6.5.10
+
SGI IRIX 6.5.9
+
SGI IRIX 6.5.8
+
SGI IRIX 6.5.7
+
SGI IRIX 6.5.6
+
SGI IRIX 6.5.5
+
SGI IRIX 6.5.4
+
SGI IRIX 6.5.3
+
SGI IRIX 6.5.2
+
SGI IRIX 6.5.1
+
SGI IRIX 6.5
|
|
|
|
Not Vulnerable:
|
|
|
