Support / Security / Advisories / Mandrakelinux 6.0 / MDKSA-2000:060

Package name: apache
Date: 2000-10-11
Advisory ID: MDKSA-2000:060
Affected versions: 6.1 i586 , 6.0 i586 , 7.0 i586 , 7.1 i586

Problem description

The Apache web server comes with a module called mod_rewrite which is used to rewrite URLs presented by the client prior to further processing. There is a flaw in the mod_rewrite logic that allows an attacker to view arbitrary files on the server system if they contain regular expression references. All Linux-Mandrake users using Apache are encouraged to upgrade to these updated versions that fix this flaw.

Updated packages

6.1 i586

 890f342e3d33a73978b9ec60d53f3c54  6.1/RPMS/apache-1.3.9-8mdk.i586.rpm
4308ebc3b5c496b74173d0af0cb43de9  6.1/RPMS/apache-devel-1.3.9-8mdk.i586.rpm
6fea96bb3c5e6696a2322134d6245937  6.1/SRPMS/apache-1.3.9-8mdk.src.rpm

6.0 i586

 77fa37ac213493d94f5817f93710cbb8  6.0/RPMS/apache-1.3.6-29mdk.i586.rpm
8c51afd87ab8be5b08bc2d02fdc37298  6.0/RPMS/apache-devel-1.3.6-29mdk.i586.rpm
ec94ecd38c6a33dc5c77f7cf323d4791  6.0/SRPMS/apache-1.3.6-29mdk.src.rpm

7.0 i586

 094ae1b8764bd6c71519fe051b735e21  7.0/RPMS/apache-1.3.9-18mdk.i586.rpm
dc298d04f25fe4f5a895e898606b8551  7.0/RPMS/apache-devel-1.3.9-18mdk.i586.rpm
7fe54f76cf8f5b46d35ba44944783811  7.0/RPMS/apache-suexec-1.3.9-18mdk.i586.rpm
c0eeda6da43ac82e2625950738287183  7.0/SRPMS/apache-1.3.9-18mdk.src.rpm

7.1 i586

 990b35197aee4fe36d9c26b709279108  7.1/RPMS/apache-1.3.12-13mdk.i586.rpm
973cf2b01f1d1030b672011288188c50  7.1/RPMS/apache-devel-1.3.12-13mdk.i586.rpm
69e5ff252a7481b36d2f44bc17c48e63  7.1/RPMS/apache-suexec-1.3.12-13mdk.i586.rpm
6fda77a7960e3a38a16ab794b6a8050a  7.1/SRPMS/apache-1.3.12-13mdk.src.rpm