PT-2003-1909 · Apache · Mod Gzip

Matthew Murphy · Published 2003-10-09 · Updated 2016-10-18 · CVE-2003-0842

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: mod_gzip versions 1.3.26.1a and earlier

Description: The issue is a stack-based buffer overflow in the mod_gzip_printf function of mod_gzip when running in debug mode. It allows remote attackers to execute arbitrary code via a long filename in a GET request with an "Accept-Encoding: gzip" header.

Recommendations: For mod_gzip versions 1.3.26.1a and earlier, consider disabling the mod_gzip module or restricting access to it until a fix is available. As a temporary workaround, avoid using the debug mode in mod_gzip to minimize the risk of exploitation.


Related identifiers

CVE-2003-0842

Affected products

Mod Gzip