28 Jul
2006
28 Jul
'06
22:45
Hello, Am Freitag, 28. Juli 2006 17:22 schrieb Marcus Meissner:
The following security problem was fixed in the Apache and Apache 2 web servers:
mod_rewrite: Fix an off-by-one security problem in the ldap scheme handling.
Does this mean that this vulnerability only happens when I use LDAP _and_ mod_rewrite with Apache? Or does a "simple" use of mod_rewrite without LDAP also have this problem? (Or does ldap mean anything else than the (in)famous directory service here?) Some clarification would be helpful ;-) (The announcement on apache.org does not even mention LDAP...) Regards, Christian Boltz, no random sig today ;-) -- LDAP! Ich wollte Rollschuhe, und sie banden mir an jeden Fuss einen Panzer. [Ratti in suse-linux]