Product: Solaris 10 Operating System

Three security vulnerabilities have been found in the Apache HTTP server which affect the Apache 2.0 web server bundled with Solaris 10.

The first issue, a vulnerability in the mod_rewrite Apache HTTP server module (CVE-2006-3747), may allow a local or remote unprivileged user to execute arbitrary code with the privileges of the Apache 2.0 process or cause a Denial of Service (DoS) to the Apache HTTP process. The Apache 2.0 HTTP process normally runs as the unprivileged user "webservd" (uid 80).

The second issue, a vulnerability in the mod_ssl Apache HTTP server module (CVE-2005-3357), may allow a local or remote unprivileged user to cause a Denial of Service (DoS) to the Apache HTTP process.

The third issue, a Cross Site Scripting (CSS or XSS) vulnerability in the mod_imap Apache HTTP server module (CVE-2005-3352), may allow a local or remote unprivileged user to steal cookie information, hijack sessions, or cause a loss of data privacy between a client and the server.

Additional information regarding these issues is available at:

Avoidance: Patch, Workaround
State: Resolved
First released: 10-Oct-2006