Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mod_SSL Off-By-One HTAccess本地缓冲区溢出漏洞
Vulnerability Description
mod_ssl模块为Apache 1.3 WEB服务程序可以通过Secure Sockets Layer (SSL v2/v3)和Transport Layer Security (TLS v1)协议提供强壮加密的功能。 mod_ssl在处理.htaccess配置文件中的变量时没有正确检查边界长度,本地攻击者可以利用这个漏洞进行缓冲区溢出攻击。 Apache WEB服务程序提供扩展的API通过各种HOOKS调用来方便的为第三放模块接口,其中之一的HOOK是rewrite_command调用,如果WEB服务
CVSS Information
N/A
Vulnerability Type
N/A