Apache Buffer Overflow Flaw Patched
A bug in popular open source server puts some users at risk of arbitrary code execution.
The buffer overflow flaw affects Apache httpd versions 1.3.26, 1.3.27, 1.3.28, 1.3.29 and 1.3.31, which were configured to act as proxy servers. Apache httpd 2.0 and other versions of Apache httpd 1.3 are unaffected.
An Apache Week advisory said the buffer overflow can be triggered by getting the mod_proxy feature to connect to a remote server and return an invalid content-length.
The vulnerability is rated ''important'', but the advisory warned that there is the possibility that it could be exploited to run arbitrary code.
The risk of code execution is high on older OpenBSD/FreeBSD distributions because of the internal implementation of memcpy, which re-reads the length value from the stack. On newer BSD distributions, it may be exploitable because the implementation of memcpy will write three arbitrary bytes to an attacker-controlled location, according to the alert.
Linux and UNIX vendors, including Gentoo Linux, OpenBSD, Debian and Red Hat, have all issued updates to protect against the Apache Server bug.
This article was first published on InternetNews.com.