CVE-2007-6514

Publication date 21 December 2007

Last updated 24 July 2024

Description

Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote attackers to obtain unprocessed content such as source files for .php programs via a trailing "\" (backslash), which is not handled by the intended AddType directive.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
apache	8.10 intrepid	Not in release
	8.04 LTS hardy	Not in release
	7.10 gutsy	Not in release
	7.04 feisty	Ignored end of life, was needed
	6.10 edgy	Ignored end of life, was needed
	6.06 LTS dapper	Not affected
apache2	8.10 intrepid	Not affected
	8.04 LTS hardy	Not affected
	7.10 gutsy	Not affected
	7.04 feisty	Ignored end of life, was needed
	6.10 edgy	Ignored end of life, was needed
	6.06 LTS dapper	Not affected

Notes

kees

should this be considered a bug in smbfs instead?

mdeslaur

It is a bug in smbfs...but kernel versions we have are not vulnerable open("/mnt/test/hosts.php\\", O_RDONLY) = -1 EINVAL (Invalid argument) tested on Dapper, so we're not affected

References

Other references

https://www.cve.org/CVERecord?id=CVE-2007-6514