You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by David Burry <db...@tagnet.org> on 2004/10/13 22:08:30 UTC
buffer overflow in mod_proxy in 1.3.31?
Has anyone checked this out yet?
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492
It was reported in cnet news a month or two ago, and my SOX security
guys at work have been bugging me about it... I need to tell them
either it's a false alarm or it will be fixed soon.
Any current status on it?
Dave
Re: buffer overflow in mod_proxy in 1.3.31?
Posted by Lars Eilebrecht <la...@hyperreal.org>.
According to David:
> It was reported in cnet news a month or two ago, and my SOX security
> guys at work have been bugging me about it... I need to tell them
> either it's a false alarm or it will be fixed soon.
A patch is available since June at
http://www.apache.org/dist/httpd/patches/apply_to_1.3.31/
ciao...
--
Lars Eilebrecht - Ever notice how fast Windows runs?
lars@hyperreal.org - Neither did I.