VULHUB ™

mod_rewrite is a module shipped with Apache 1.2 and later. It is used to map special URLS to absolute files on the web server's filesystem. If a RewriteRule directive is expressed whose result maps to a filename containing regular expression references, the result may provide an attacker with the ability to view arbitrary files on the host. example RewriteRule directives: (the first two are vulnerable) RewriteRule /test/(.*) /usr/local/data/test-stuff/$1 RewriteRule /more-icons/(.*) /icons/$1 RewriteRule /go/(.*) http://www.apacheweek.com/$1 (excerpted from Apache development list 09-22 and amended by Tony Finch <dot@dotat.at>)

mod_rewrite is a module shipped with Apache 1.2 and later. It is used to map special URLS to absolute files on the web server's filesystem. If a RewriteRule directive is expressed whose result maps to a filename containing regular expression references, the result may provide an attacker with the ability to view arbitrary files on the host. example RewriteRule directives: (the first two are vulnerable) RewriteRule /test/(.*) /usr/local/data/test-stuff/$1 RewriteRule /more-icons/(.*) /icons/$1 RewriteRule /go/(.*) http://www.apacheweek.com/$1 (excerpted from Apache development list 09-22 and amended by Tony Finch <dot@dotat.at>)