On Wed, Jun 23, 2004 at 03:24:13PM +0200, Marc SCHAEFER wrote: > it seems there is a potential buffer overflow in Apache's mod_proxy. > > Are you aware of it ?
What I believe I heard from our Apache maintainers was that this would only crash the child servicing the request (which isn't even a DoS, really), and did not actually permit the execution of code, but the description in CVE is quite explicit that it is a code execution vulnerability. Can someone confirm? -- - mdz
