Remotely exploitable overflow in mod_mylo for Apache

From: Carl Livitt (carl_at_learningshophull.co.uk)
Date: 07/28/03

Next message: Vade 79: "[PAPER]: Address relay fingerprinting."

Previous message: Bharat Mediratta: "Gallery XSS security advisory (with fix and patch instructions)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: bugtraq@securityfocus.com
Date: Mon, 28 Jul 2003 14:47:21 +0000

There exists a remotely exploitable buffer overflow in the mod_mylo module for
apache.

It is a relatively obscure MySQL logging module for Apache that appears not to
be in widespread use at present. However, it is present in FreeBSD ports, so
may affect FreeBSD slighly more than Linux systems.

Advisory + exploit attached.

Regards,
Carl

text/plain attachment: CLIVITT-2003-5__apache_mod_mylo_.txt

Next message: Vade 79: "[PAPER]: Address relay fingerprinting."

Previous message: Bharat Mediratta: "Gallery XSS security advisory (with fix and patch instructions)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: [Full-Disclosure] Remotely exploitable b/o/f in Apache+mod_mylo
... > It is a relatively obscure MySQL logging module for Apache that appears ...
(Full-Disclosure)
[Full-Disclosure] Remotely exploitable b/o/f in Apache+mod_mylo
... It is a relatively obscure MySQL logging module for Apache that appears not to ...
(Full-Disclosure)