PublicDate: 2006-07-28 18:02:00 UTC
Candidate: CVE-2006-3747
References:
 https://ubuntu.com/security/notices/USN-328-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747
Description:
 Off-by-one error in the ldap scheme handling in the Rewrite module
 (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before
 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to
 cause a denial of service (application crash) and possibly execute
 arbitrary code via crafted URLs that are not properly handled using certain
 rewrite rules.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_apache: released (1.3.34-2ubuntu0.1)
edgy_apache: released (1.3.34-4ubuntu1)
feisty_apache: released (1.3.34-4ubuntu1)
devel_apache: DNE
dapper_apache2: released (2.0.55-4ubuntu2.2)
edgy_apache2: released (2.0.55-4ubuntu4.1)
feisty_apache2: released (2.2.3-3.2ubuntu0.1)
devel_apache2: released (2.2.4-3)
upstream_apache: needs-triage
upstream_apache2: needs-triage