[Kolab-devel] mod_rewrite (CVE-2006-3747), not vulnerable?
bernhard at intevation.de
Mon Jul 31 16:02:14 CEST 2006
and a look at
server / kolabd / kolabd / templates / httpd.conf.template.in
current Kolab Server instances should not be vulnerable to
mod_rewrite (CVE-2006-3747) in the default configuration,
as we do not give the user a chance to modify the beginning of
the target string.
If someone manually has added other Rewrite rules,
it could introduce a vulnerability and should patch apache.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1310 bytes
Desc: not available
More information about the devel