[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] SUSE Security Announcement: apache,apache2 mod_rewrite problem (SUSE-SA:2006:043)



Hello,

Am Freitag, 28. Juli 2006 17:22 schrieb Marcus Meissner:
>    The following security problem was fixed in the Apache and Apache
>    2 web servers:
>
>    mod_rewrite: Fix an off-by-one security problem in the ldap scheme
>    handling.

Does this mean that this vulnerability only happens when I use LDAP 
_and_ mod_rewrite with Apache?
Or does a "simple" use of mod_rewrite without LDAP also have this 
problem?
(Or does ldap mean anything else than the (in)famous directory service 
here?)

Some clarification would be helpful ;-)
(The announcement on apache.org does not even mention LDAP...)


Regards,

Christian Boltz, no random sig today ;-)
-- 
LDAP! Ich wollte Rollschuhe, und sie banden mir an jeden Fuss
einen Panzer. [Ratti in suse-linux]

--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here