Stack-based buffer overflow in mod_gzip_printf for...
High severity
Unreviewed
Published
Apr 29, 2022
to the GitHub Advisory Database
•
Updated Jan 30, 2023
Description
Published by the National Vulnerability Database
Nov 17, 2003
Published to the GitHub Advisory Database
Apr 29, 2022
Last updated
Jan 30, 2023
Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode, allows remote attackers to execute arbitrary code via a long filename in a GET request with an "Accept-Encoding: gzip" header.
References