Accept-Language の値がとても小さいとき mod_authnz_ldapのOOB書き込みの脆弱性
CVE-2017-15710: Out of bound write in mod_authnz_ldap when using too small Accept-Language values.Severity: LowVendor: The Apache Software FoundationVersions Affected:httpd 2.0.23 to 2.0.65httpd 2.2.0 to 2.2.34httpd 2.4.0 to 2.4.29
Mitigation:All httpd users should upgrade to 2.4.30 or later.
References:
コメント
コメントを投稿