Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0042

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-0042
Last Modified 19 May 2011 12:00:00
Published 18 Feb 2006 04:02:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0042

Summary

Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers cause a denial of service (CPU consumption) via unknown attack vectors that result in quadratic computational complexity.

Vulnerable Systems

Application

  • Libapreq2 1.0

  • Libapreq2 1.1

  • Libapreq2 1.2

  • Libapreq2 1.3

  • Libapreq2 1.33

  • Libapreq2 2.01 Dev

  • Libapreq2 2.02 Dev

  • Libapreq2 2.03 Dev

  • Libapreq2 2.04 Dev

  • Libapreq2 2.05 Dev

  • Libapreq2 2.06 Dev


References

BID - 16710

DEBIAN - DSA-1000

SECUNIA - 19139

SECUNIA - 18846

XF - libapreq2-parsing-dos(24917)

VUPEN - ADV-2006-0645

GENTOO - GLSA-200604-08

CONFIRM - http://svn.apache.org/viewcvs.cgi/httpd/apreq/tags/v2_07/CHANGES?rev=376998&view=markup

SREASON - 737

SECUNIA - 19658


Last Updated: 27 May 2016 10:41:30