Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Apache mod_gzip debug multiple vulnerabilities

Apache mod_gzip debug multiple vulnerabilities

by Mario Miri on June 5th, 2003 Mod_gzip is reported prone to a stack overflow, format string vulnerability and a file corruption issue due to a predictable naming scheme for log files. Exploitation of these issues could result in execution of malicious instructions or corruption of critical or sensitive files. These issues reportedly only occur when the software is run in debug mode.


Vulnerable:
mod_gzip 1.3.17.1a
mod_gzip 1.3.17.2a
mod_gzip 1.3.19.1a
mod_gzip 1.3.19.2a
mod_gzip 1.3.26.1a


Solution:
Disable debug mode.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »