Vulnerable Systems:
* Apache versions 1.3.28 through 1.3.36
* Apache versions 2.0.46 through 2.0.58
* Apache versions 2.2.0 through 2.2.2
Immune Systems:
* Apache versions 1.3.37
* Apache versions 2.0.59
* Apache versions 2.2.2
Off-by-one error in the the LDAP scheme handling in the Rewrite module(mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versionsbefore 2.0.59, and 2.2, when RewriteEngine is enabled, allows remoteattackers to cause a denial of service (application crash) and possiblyexecute arbitrary code via crafted URLs that are not properly handledusing certain rewrite rules.
