PK29156: CVE-2006-3747 MOD_REWRITE ERROR
APAR status
Closed as program error.

Error description
mod_rewrite has a defect which, on Windows and HP-UX with IBM HTTP Server 2.x, can result in a web server child process crash in configurations with mod_rewrite active. The crash can be triggered by a client request. The Apache HTTP Server project has assigned CVE-2006-3747 to this problem. For IBM HTTP Server 6.x, CVE-2006-3747 applies only to the Windows platform.

Local fix

Problem summary
mod_rewrite had a loop control defect in ldap scheme handling which allowed a memory overlay with certain URLs from the client. This can only occur if mod_rewrite is activated, if certain types of rewrite rules are enabled, and a client sends a malicious request. On most platforms, the memory overlay does not cause any ill side-effect. With IBM HTTP Server 2.0.x on Windows and HP-UX, the memory overlay can cause a web server crash. Because the types of mod_rewrite directives which enable the vulnerability are common, it is strongly recommended that customers with IBM HTTP Server 2.0.x on Windows and HP-UX apply the fix. It will be included in cumulative fix PK29827. See PK29154 and PK29157 for applicability to other releases.

Problem conclusion
The loop control defect in mod_rewrite was corrected, thus eliminating the possibility of a memory overlay when malicious requests were processed.

Temporary fix

Comments
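The problem summary ties exposure to mod_rewrite being activated with rewrite rules enabled. The following is an added triage example, not part of the IBM APAR and not IBM code, that scans httpd.conf text for those preconditions. The function name, the constructed sample configuration, and the assumption that mod_rewrite is loaded through a LoadModule line rather than compiled in are assumptions of this example.

```python
import re

# Constructed sample configuration (not taken from the APAR).
SAMPLE_CONF = """\
# LoadModule rewrite_module modules/mod_rewrite.so.disabled
LoadModule rewrite_module modules/mod_rewrite.so
<VirtualHost *:80>
    RewriteEngine On
    RewriteRule ^/old/(.*)$ /new/$1 [R]
</VirtualHost>
"""

# Directive name followed by its arguments; section tags do not match.
DIRECTIVE = re.compile(r"^\s*(\w+)\s*(.*?)\s*$")


def audit_rewrite(conf_text):
    """Report whether the APAR's preconditions can be met by this config.

    Conservative: the APAR does not say which rule types matter, so every
    RewriteRule is listed for review (hypothetical helper, assumption).
    """
    loaded, engine_on, rules = False, False, []
    for lineno, raw in enumerate(conf_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank or comment, including commented-out directives
        m = DIRECTIVE.match(line)
        if not m:
            continue  # section tags such as <VirtualHost ...>
        name, args = m.group(1).lower(), m.group(2)
        if name == "loadmodule" and args.split()[:1] == ["rewrite_module"]:
            loaded = True
        elif name == "rewriteengine" and args.lower() == "on":
            engine_on = True
        elif name == "rewriterule":
            rules.append((lineno, args))
    return {
        "module_loaded": loaded,
        "engine_on": engine_on,
        "rules": rules,
        "needs_fix_review": loaded and engine_on and bool(rules),
    }


if __name__ == "__main__":
    print(audit_rewrite(SAMPLE_CONF))
```

The check works per file and ignores directive scope, so a positive result means the server should be matched against the fix level named in this APAR, not that a specific rule is affected.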
APAR is sysrouted FROM one or more of the following:
PK29154

APAR is sysrouted TO one or more of the following:

Modules/Macros

Publications Referenced
Product categories: Software > Application Servers > Distributed Application & Web Servers > IBM HTTP Server > Runtime
Operating system(s):
Software version: 00W
Software edition:
Reference #: PK29156
IBM Group: Software Group
Modified date: Aug 14, 2006
(C) Copyright IBM Corporation 2000, 2008. All Rights Reserved.