Описание
Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in an HTTP GET request with an "Accept-Encoding: gzip" header.
Уязвимые конфигурации
Конфигурация 1Версия до 1.3.26.1a (включая)
cpe:2.3:a:dag_apt_repository:mod_gzip:*:*:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.01734
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
почти 22 года назад
Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a ...
github
больше 3 лет назад
Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in an HTTP GET request with an "Accept-Encoding: gzip" header.
EPSS
Процентиль: 82%
0.01734
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other