PT-2002-1687 · Apache · Mod Ssl

Published: 2002-07-11 · Updated: 2024-02-02 · CVE-2002-0653

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

mod_ssl Apache module versions 2.8.9 and earlier

Description

The issue is an off-by-one buffer overflow in the ssl_compat_directive function, which is called by the rewrite_command hook. It allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries.

Recommendations

For mod_ssl Apache module versions 2.8.9 and earlier, consider updating to a version later than 2.8.9 to resolve the issue. As a temporary workaround, restrict access to .htaccess files to minimize the risk of exploitation.

Related Identifiers

CVE-2002-0653
DSA-135

Affected Products

Mod Ssl