Apache update for a remote vulnerability
Apache update for a remote vulnerability
[Security] Posted Jul 28, 2006 19:19 UTC (Fri) by corbet
The Apache project has disclosed a vulnerability in just about all versions of the Apache HTTP server. The problem only affects sites using mod_rewrite, but, on those sites, the possibility of a full remote exploit exists. The fix can be found in Apache 2.2.3, 2.0.59, and 1.3.37, or in the distributor updates which are beginning to appear. This looks like a good one to patch quickly.