The Apache mod_rewrite scripts (31654 and 31655) for the vulnerability
described in CVE-2006-3747[1] report for Apache versions less than
1.3.28 and 2.0.46, which according to the CVE and other information[2]
are not vulnerable.
[1]: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3747
[2]: http://ciberjacobo.com/sec/mod_rewrite.html
I’ve narrowed the banner matches to the vulnerable versions, patches
attached.
--
Simon Ward
Operations Security Specialist, Westpoint Ltd
Albion Wharf, 19 Albion Street, Manchester M1 5LN, United Kingdom
Web: www.westpoint.ltd.uk
Tel: +44-161-2371028
described in CVE-2006-3747[1] report for Apache versions less than
1.3.28 and 2.0.46, which according to the CVE and other information[2]
are not vulnerable.
[1]: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3747
[2]: http://ciberjacobo.com/sec/mod_rewrite.html
I’ve narrowed the banner matches to the vulnerable versions, patches
attached.
--
Simon Ward
Operations Security Specialist, Westpoint Ltd
Albion Wharf, 19 Albion Street, Manchester M1 5LN, United Kingdom
Web: www.westpoint.ltd.uk
Tel: +44-161-2371028