Vulnerability-Lookup

CVE-2006-3747 (GCVE-0-2006-3747)

Vulnerability from cvelistv5 – Published: 2006-07-28 22:00 – Updated: 2024-08-07 18:39

Summary

Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://secunia.com/advisories/21266	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/21307	third-party-advisoryx_refsource_SECUNIA
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://www.vupen.com/english/advisories/2006/3995	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://www-1.ibm.com/support/docview.wss?uid=swg2…	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/450321/100…	vendor-advisoryx_refsource_HP
	http://www.vupen.com/english/advisories/2006/4300	vdb-entryx_refsource_VUPEN
	http://lists.grok.org.uk/pipermail/full-disclosur…	mailing-listx_refsource_FULLDISC
	http://secunia.com/advisories/23028	third-party-advisoryx_refsource_SECUNIA
	http://svn.apache.org/viewvc?view=rev&revision=426144	x_refsource_MISC
	http://www.vupen.com/english/advisories/2006/3282	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/21284	third-party-advisoryx_refsource_SECUNIA
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	http://kbase.redhat.com/faq/FAQ_68_8653.shtm	x_refsource_MISC
	http://secunia.com/advisories/22523	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2008/1246…	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/450321/100…	vendor-advisoryx_refsource_HP
	http://marc.info/?l=bugtraq&m=130497311408250&w=2	vendor-advisoryx_refsource_HP
	http://secunia.com/advisories/23260	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/3264	vdb-entryx_refsource_VUPEN
	http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
	http://www.vupen.com/english/advisories/2008/0924…	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/21313	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/29849	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/4015	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/21273	third-party-advisoryx_refsource_SECUNIA
	http://www.us-cert.gov/cas/techalerts/TA08-150A.html	third-party-advisoryx_refsource_CERT
	http://secunia.com/advisories/21478	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/441487/100…	mailing-listx_refsource_BUGTRAQ
	http://security.gentoo.org/glsa/glsa-200608-01.xml	vendor-advisoryx_refsource_GENTOO
	http://www.securityfocus.com/archive/1/441485/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/22368	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/26329	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/445206/100…	vendor-advisoryx_refsource_HP
	http://www14.software.ibm.com/webapp/set2/subscri…	x_refsource_CONFIRM
	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://secunia.com/advisories/29420	third-party-advisoryx_refsource_SECUNIA
	http://www.apache.org/dist/httpd/Announcement2.0.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/19204	vdb-entryx_refsource_BID
	http://secunia.com/advisories/21245	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/4868	vdb-entryx_refsource_VUPEN
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://secunia.com/advisories/30430	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/4207	vdb-entryx_refsource_VUPEN
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://marc.info/?l=bugtraq&m=130497311408250&w=2	vendor-advisoryx_refsource_HP
	http://secunia.com/advisories/21315	third-party-advisoryx_refsource_SECUNIA
	http://www.kb.cert.org/vuls/id/395412	third-party-advisoryx_refsource_CERT-VN
	http://secunia.com/advisories/21509	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/21346	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/445206/100…	vendor-advisoryx_refsource_HP
	http://securitytracker.com/id?1016601	vdb-entryx_refsource_SECTRACK
	http://docs.info.apple.com/article.html?artnum=307562	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/441526/100…	mailing-listx_refsource_BUGTRAQ
	http://www.debian.org/security/2006/dsa-1131	vendor-advisoryx_refsource_DEBIAN
	http://secunia.com/advisories/21247	third-party-advisoryx_refsource_SECUNIA
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://www.vupen.com/english/advisories/2006/3884	vdb-entryx_refsource_VUPEN
	http://www.vupen.com/english/advisories/2008/1697	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/443870/100…	mailing-listx_refsource_BUGTRAQ
	https://issues.rpath.com/browse/RPL-538	x_refsource_CONFIRM
	http://secunia.com/advisories/22262	third-party-advisoryx_refsource_SECUNIA
	http://www.openpkg.org/security/advisories/OpenPK…	vendor-advisoryx_refsource_OPENPKG
	http://securityreason.com/securityalert/1312	third-party-advisoryx_refsource_SREASON
	http://www.debian.org/security/2006/dsa-1132	vendor-advisoryx_refsource_DEBIAN
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	http://secunia.com/advisories/21241	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/3017	vdb-entryx_refsource_VUPEN
	http://www.vupen.com/english/advisories/2007/2783	vdb-entryx_refsource_VUPEN
	http://lists.grok.org.uk/pipermail/full-disclosur…	mailing-listx_refsource_FULLDISC
	http://www.ubuntu.com/usn/usn-328-1	vendor-advisoryx_refsource_UBUNTU
	http://www-1.ibm.com/support/docview.wss?uid=swg2…	vendor-advisoryx_refsource_AIXAPAR
	http://www.osvdb.org/27588	vdb-entryx_refsource_OSVDB
	http://lwn.net/Alerts/194228/	vendor-advisoryx_refsource_TRUSTIX
	http://secunia.com/advisories/22388	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/21197	third-party-advisoryx_refsource_SECUNIA
	https://lists.apache.org/thread.html/54a42d4b0196…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/5df9bfb86a3b…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/r0276683d8e1…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/r8828e649175…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/rf6449464fd8…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/r5419c9ba095…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/r652fc951306…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/r2cb985de917…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/r9e862225418…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/reb542d2038e…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/rafd145ba6cd…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/rdca61ae9906…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/r9f93cf6dde3…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/r75cbe9ea3e2…	mailing-listx_refsource_MLIST

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:39:54.031Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "21266",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21266"
          },
          {
            "name": "21307",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21307"
          },
          {
            "name": "HPSBMA02250",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771"
          },
          {
            "name": "ADV-2006-3995",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3995"
          },
          {
            "name": "apache-modrewrite-offbyone-bo(28063)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28063"
          },
          {
            "name": "102662",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1"
          },
          {
            "name": "SSRT071293",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951"
          },
          {
            "name": "SSRT061265",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/450321/100/0/threaded"
          },
          {
            "name": "ADV-2006-4300",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4300"
          },
          {
            "name": "20060728 [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html"
          },
          {
            "name": "23028",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23028"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=rev\u0026revision=426144"
          },
          {
            "name": "ADV-2006-3282",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3282"
          },
          {
            "name": "21284",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21284"
          },
          {
            "name": "PK29156",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://kbase.redhat.com/faq/FAQ_68_8653.shtm"
          },
          {
            "name": "22523",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22523"
          },
          {
            "name": "ADV-2008-1246",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1246/references"
          },
          {
            "name": "HPSBUX02164",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/450321/100/0/threaded"
          },
          {
            "name": "SSRT090208",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
          },
          {
            "name": "23260",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23260"
          },
          {
            "name": "ADV-2006-3264",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3264"
          },
          {
            "name": "SUSE-SA:2006:043",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_43_apache.html"
          },
          {
            "name": "ADV-2008-0924",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0924/references"
          },
          {
            "name": "21313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21313"
          },
          {
            "name": "29849",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29849"
          },
          {
            "name": "ADV-2006-4015",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4015"
          },
          {
            "name": "21273",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21273"
          },
          {
            "name": "TA08-150A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"
          },
          {
            "name": "21478",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21478"
          },
          {
            "name": "20060728 Apache mod_rewrite Buffer Overflow Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/441487/100/0/threaded"
          },
          {
            "name": "GLSA-200608-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200608-01.xml"
          },
          {
            "name": "20060728 [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/441485/100/0/threaded"
          },
          {
            "name": "22368",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22368"
          },
          {
            "name": "26329",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26329"
          },
          {
            "name": "HPSBUX02145",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/445206/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=3117"
          },
          {
            "name": "102663",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1"
          },
          {
            "name": "29420",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29420"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.apache.org/dist/httpd/Announcement2.0.html"
          },
          {
            "name": "19204",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19204"
          },
          {
            "name": "21245",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21245"
          },
          {
            "name": "ADV-2006-4868",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4868"
          },
          {
            "name": "APPLE-SA-2008-03-18",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
          },
          {
            "name": "HPSBMA02328",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449"
          },
          {
            "name": "30430",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30430"
          },
          {
            "name": "ADV-2006-4207",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4207"
          },
          {
            "name": "APPLE-SA-2008-05-28",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"
          },
          {
            "name": "MDKSA-2006:133",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:133"
          },
          {
            "name": "HPSBOV02683",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
          },
          {
            "name": "21315",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21315"
          },
          {
            "name": "VU#395412",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/395412"
          },
          {
            "name": "21509",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21509"
          },
          {
            "name": "21346",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21346"
          },
          {
            "name": "SSRT061202",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/445206/100/0/threaded"
          },
          {
            "name": "1016601",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016601"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=307562"
          },
          {
            "name": "20060728 rPSA-2006-0139-1 httpd mod_ssl",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/441526/100/200/threaded"
          },
          {
            "name": "DSA-1131",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1131"
          },
          {
            "name": "21247",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21247"
          },
          {
            "name": "SSRT061275",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771"
          },
          {
            "name": "ADV-2006-3884",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3884"
          },
          {
            "name": "ADV-2008-1697",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1697"
          },
          {
            "name": "20060820 POC \u0026 exploit for Apache mod_rewrite off-by-one",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/443870/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-538"
          },
          {
            "name": "22262",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22262"
          },
          {
            "name": "OpenPKG-SA-2006.015",
            "tags": [
              "vendor-advisory",
              "x_refsource_OPENPKG",
              "x_transferred"
            ],
            "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html"
          },
          {
            "name": "1312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/1312"
          },
          {
            "name": "DSA-1132",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1132"
          },
          {
            "name": "PK29154",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154"
          },
          {
            "name": "21241",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21241"
          },
          {
            "name": "ADV-2006-3017",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3017"
          },
          {
            "name": "ADV-2007-2783",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2783"
          },
          {
            "name": "20060728 Apache 1.3.29/2.X mod_rewrite Buffer Overflow Vulnerability CVE-2006-3747",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html"
          },
          {
            "name": "USN-328-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-328-1"
          },
          {
            "name": "PK27875",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24013080"
          },
          {
            "name": "27588",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/27588"
          },
          {
            "name": "2006-0044",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://lwn.net/Alerts/194228/"
          },
          {
            "name": "22388",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22388"
          },
          {
            "name": "21197",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21197"
          },
          {
            "name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-07-27T04:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-06T14:10:36.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "21266",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21266"
        },
        {
          "name": "21307",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21307"
        },
        {
          "name": "HPSBMA02250",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771"
        },
        {
          "name": "ADV-2006-3995",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3995"
        },
        {
          "name": "apache-modrewrite-offbyone-bo(28063)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28063"
        },
        {
          "name": "102662",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1"
        },
        {
          "name": "SSRT071293",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951"
        },
        {
          "name": "SSRT061265",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/450321/100/0/threaded"
        },
        {
          "name": "ADV-2006-4300",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4300"
        },
        {
          "name": "20060728 [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html"
        },
        {
          "name": "23028",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23028"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://svn.apache.org/viewvc?view=rev\u0026revision=426144"
        },
        {
          "name": "ADV-2006-3282",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3282"
        },
        {
          "name": "21284",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21284"
        },
        {
          "name": "PK29156",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://kbase.redhat.com/faq/FAQ_68_8653.shtm"
        },
        {
          "name": "22523",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22523"
        },
        {
          "name": "ADV-2008-1246",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1246/references"
        },
        {
          "name": "HPSBUX02164",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/450321/100/0/threaded"
        },
        {
          "name": "SSRT090208",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
        },
        {
          "name": "23260",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23260"
        },
        {
          "name": "ADV-2006-3264",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3264"
        },
        {
          "name": "SUSE-SA:2006:043",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_43_apache.html"
        },
        {
          "name": "ADV-2008-0924",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0924/references"
        },
        {
          "name": "21313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21313"
        },
        {
          "name": "29849",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29849"
        },
        {
          "name": "ADV-2006-4015",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4015"
        },
        {
          "name": "21273",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21273"
        },
        {
          "name": "TA08-150A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"
        },
        {
          "name": "21478",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21478"
        },
        {
          "name": "20060728 Apache mod_rewrite Buffer Overflow Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/441487/100/0/threaded"
        },
        {
          "name": "GLSA-200608-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200608-01.xml"
        },
        {
          "name": "20060728 [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/441485/100/0/threaded"
        },
        {
          "name": "22368",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22368"
        },
        {
          "name": "26329",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26329"
        },
        {
          "name": "HPSBUX02145",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/445206/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=3117"
        },
        {
          "name": "102663",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1"
        },
        {
          "name": "29420",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29420"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.apache.org/dist/httpd/Announcement2.0.html"
        },
        {
          "name": "19204",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19204"
        },
        {
          "name": "21245",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21245"
        },
        {
          "name": "ADV-2006-4868",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4868"
        },
        {
          "name": "APPLE-SA-2008-03-18",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
        },
        {
          "name": "HPSBMA02328",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449"
        },
        {
          "name": "30430",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30430"
        },
        {
          "name": "ADV-2006-4207",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4207"
        },
        {
          "name": "APPLE-SA-2008-05-28",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"
        },
        {
          "name": "MDKSA-2006:133",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:133"
        },
        {
          "name": "HPSBOV02683",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
        },
        {
          "name": "21315",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21315"
        },
        {
          "name": "VU#395412",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/395412"
        },
        {
          "name": "21509",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21509"
        },
        {
          "name": "21346",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21346"
        },
        {
          "name": "SSRT061202",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/445206/100/0/threaded"
        },
        {
          "name": "1016601",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016601"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=307562"
        },
        {
          "name": "20060728 rPSA-2006-0139-1 httpd mod_ssl",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/441526/100/200/threaded"
        },
        {
          "name": "DSA-1131",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1131"
        },
        {
          "name": "21247",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21247"
        },
        {
          "name": "SSRT061275",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771"
        },
        {
          "name": "ADV-2006-3884",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3884"
        },
        {
          "name": "ADV-2008-1697",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1697"
        },
        {
          "name": "20060820 POC \u0026 exploit for Apache mod_rewrite off-by-one",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/443870/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-538"
        },
        {
          "name": "22262",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22262"
        },
        {
          "name": "OpenPKG-SA-2006.015",
          "tags": [
            "vendor-advisory",
            "x_refsource_OPENPKG"
          ],
          "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html"
        },
        {
          "name": "1312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/1312"
        },
        {
          "name": "DSA-1132",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1132"
        },
        {
          "name": "PK29154",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154"
        },
        {
          "name": "21241",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21241"
        },
        {
          "name": "ADV-2006-3017",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3017"
        },
        {
          "name": "ADV-2007-2783",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2783"
        },
        {
          "name": "20060728 Apache 1.3.29/2.X mod_rewrite Buffer Overflow Vulnerability CVE-2006-3747",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html"
        },
        {
          "name": "USN-328-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-328-1"
        },
        {
          "name": "PK27875",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24013080"
        },
        {
          "name": "27588",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/27588"
        },
        {
          "name": "2006-0044",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://lwn.net/Alerts/194228/"
        },
        {
          "name": "22388",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22388"
        },
        {
          "name": "21197",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21197"
        },
        {
          "name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2006-3747",
    "datePublished": "2006-07-28T22:00:00.000Z",
    "dateReserved": "2006-07-20T04:00:00.000Z",
    "dateUpdated": "2024-08-07T18:39:54.031Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2008-AVI-148

Vulnerability from certfr_avis - Published: 2008-03-19 - Updated: 2008-03-19

None

Description

De multiples vulnérabilités ont été découvertes dans le système d'exploitation Apple Mac OS X. L'exploitation de ces vulnérabilités permet à un individu malveillant diverses actions dont exécuter du code arbitaire à distance, effectuer un déni de service, contourner la politique de sécurité, élever ses privilèges et effectuer une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité Apple 307562 pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	N/A	Apple Mac Os X version 10.4.11 et antérieures ;
	Apple	N/A	Apple Mac Os X version 10.5.2 et antérieures.

References

Title

Publication Time

Tags

Bulletin de sécurité Apple 307562 du 18 mars 2008

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apple Mac Os X version 10.4.11 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple Mac Os X version 10.5.2 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le syst\u00e8me\nd\u0027exploitation Apple Mac OS X. L\u0027exploitation de ces vuln\u00e9rabilit\u00e9s\npermet \u00e0 un individu malveillant diverses actions dont ex\u00e9cuter du code\narbitaire \u00e0 distance, effectuer un d\u00e9ni de service, contourner la\npolitique de s\u00e9curit\u00e9, \u00e9lever ses privil\u00e8ges et effectuer une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 Apple 307562 pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-0063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0063"
    },
    {
      "name": "CVE-2008-0060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0060"
    },
    {
      "name": "CVE-2007-3847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3847"
    },
    {
      "name": "CVE-2007-6109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6109"
    },
    {
      "name": "CVE-2007-1661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1661"
    },
    {
      "name": "CVE-2008-0882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0882"
    },
    {
      "name": "CVE-2007-6336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6336"
    },
    {
      "name": "CVE-2007-2799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2799"
    },
    {
      "name": "CVE-2006-3747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3747"
    },
    {
      "name": "CVE-2007-5000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5000"
    },
    {
      "name": "CVE-2008-1089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1089"
    },
    {
      "name": "CVE-2008-0005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0005"
    },
    {
      "name": "CVE-2007-4768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4768"
    },
    {
      "name": "CVE-2008-0059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0059"
    },
    {
      "name": "CVE-2008-1000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1000"
    },
    {
      "name": "CVE-2007-1660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1660"
    },
    {
      "name": "CVE-2007-4568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4568"
    },
    {
      "name": "CVE-2007-3378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3378"
    },
    {
      "name": "CVE-2008-0052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0052"
    },
    {
      "name": "CVE-2008-0990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0990"
    },
    {
      "name": "CVE-2008-0995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0995"
    },
    {
      "name": "CVE-2007-0898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0898"
    },
    {
      "name": "CVE-2007-5266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5266"
    },
    {
      "name": "CVE-2008-0055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0055"
    },
    {
      "name": "CVE-2007-1997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1997"
    },
    {
      "name": "CVE-2007-1659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1659"
    },
    {
      "name": "CVE-2007-6337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6337"
    },
    {
      "name": "CVE-2008-0044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0044"
    },
    {
      "name": "CVE-2008-0045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0045"
    },
    {
      "name": "CVE-2007-5971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5971"
    },
    {
      "name": "CVE-2008-0046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0046"
    },
    {
      "name": "CVE-2008-0047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0047"
    },
    {
      "name": "CVE-2007-6335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6335"
    },
    {
      "name": "CVE-2007-5267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5267"
    },
    {
      "name": "CVE-2007-3725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3725"
    },
    {
      "name": "CVE-2008-0054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0054"
    },
    {
      "name": "CVE-2008-0996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0996"
    },
    {
      "name": "CVE-2007-5268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5268"
    },
    {
      "name": "CVE-2007-6203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6203"
    },
    {
      "name": "CVE-2008-0051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0051"
    },
    {
      "name": "CVE-2007-3799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3799"
    },
    {
      "name": "CVE-2008-0048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0048"
    },
    {
      "name": "CVE-2007-1662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1662"
    },
    {
      "name": "CVE-2006-3334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3334"
    },
    {
      "name": "CVE-2008-0998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0998"
    },
    {
      "name": "CVE-2007-0897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0897"
    },
    {
      "name": "CVE-2008-0318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0318"
    },
    {
      "name": "CVE-2007-6429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6429"
    },
    {
      "name": "CVE-2007-4510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4510"
    },
    {
      "name": "CVE-2007-5269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5269"
    },
    {
      "name": "CVE-2007-5795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5795"
    },
    {
      "name": "CVE-2008-0006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0006"
    },
    {
      "name": "CVE-2008-0062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0062"
    },
    {
      "name": "CVE-2008-0728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0728"
    },
    {
      "name": "CVE-2007-2445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2445"
    },
    {
      "name": "CVE-2008-0049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0049"
    },
    {
      "name": "CVE-2007-1745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1745"
    },
    {
      "name": "CVE-2007-6427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6427"
    },
    {
      "name": "CVE-2008-0987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0987"
    },
    {
      "name": "CVE-2008-0993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0993"
    },
    {
      "name": "CVE-2008-0988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0988"
    },
    {
      "name": "CVE-2008-0056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0056"
    },
    {
      "name": "CVE-2008-0992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0992"
    },
    {
      "name": "CVE-2006-5793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5793"
    },
    {
      "name": "CVE-2007-6428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6428"
    },
    {
      "name": "CVE-2008-0989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0989"
    },
    {
      "name": "CVE-2005-3352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3352"
    },
    {
      "name": "CVE-2008-0053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0053"
    },
    {
      "name": "CVE-2007-4767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4767"
    },
    {
      "name": "CVE-2008-0050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0050"
    },
    {
      "name": "CVE-2007-5958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5958"
    },
    {
      "name": "CVE-2006-6481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6481"
    },
    {
      "name": "CVE-2008-0994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0994"
    },
    {
      "name": "CVE-2007-6421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6421"
    },
    {
      "name": "CVE-2008-0058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0058"
    },
    {
      "name": "CVE-2007-4752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4752"
    },
    {
      "name": "CVE-2008-0999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0999"
    },
    {
      "name": "CVE-2007-4560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4560"
    },
    {
      "name": "CVE-2007-4990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4990"
    },
    {
      "name": "CVE-2007-4766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4766"
    },
    {
      "name": "CVE-2007-6388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6388"
    },
    {
      "name": "CVE-2008-0596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0596"
    },
    {
      "name": "CVE-2007-4887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4887"
    }
  ],
  "initial_release_date": "2008-03-19T00:00:00",
  "last_revision_date": "2008-03-19T00:00:00",
  "links": [],
  "reference": "CERTA-2008-AVI-148",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-03-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 307562 du 18 mars 2008",
      "url": "http://docs.info.apple.com/article.html?artnum=307562"
    }
  ]
}

CERTA-2008-AVI-278

Vulnerability from certfr_avis - Published: 2008-05-29 - Updated: 2008-05-29

Plusieurs vulnérabilités concernant le système d'exploitation Apple Mac OS X ont été identifiées. L'exploitation de ces dernières peut avoir plusieurs conséquences, dont des exécutions de codes arbitraires à distance.

Description

Plusieurs vulnérabilités concernant le système d'exploitation Apple Mac OS X ont été identifiées :

le serveur AFP (Apple Filing Protocol) ne vérifie pas correctement la cohérence d'accès entre répertoires et fichiers.
le serveur Apache est mis à jour en 2.0.63 pour les versions Mac OS X Server v10.4.x ; nouvelle version qui corrige des vulnérabilités permettant des attaques par injection de code indirecte ;
l'impression d'un document PDF spécialement construit par ATS peut provoquer l'exécution de code arbitraire ;
l'impression de documents via CUPS à destination d'une imprimante peut permettre sous certaines conditions de récupérer des informations sensibles, y compris si une protection par mot de passe est déployée ;
des vulnérabilités dans le module Flash Player sont corrigées (cf. CERTA-2008-AVI-197) ;
les vulnérabilités détaillées dans l'alerte CERTA-2008-ALE-007 concernant iCal sont corrigées ;
etc.

Solution

Se référer au bulletin de sécurité Apple pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	N/A	Apple Mac 0S X versions v10.4.x.
	Apple	N/A	Apple Mac OS X version v10.5.x ;

References

Title

Publication Time

Tags

Mises à jour de sécurité Apple 2008-003 du 28 mai 2008	None	vendor-advisory
Alerte CERTA-2008-ALE-007, « Multiples vulnérabilités dans Apple Ical », du 23 mai 2008 :	-	other
Détails de la mise à jour de sécurité 2008-003 / Mac OS X 10.5.3 :	-	other
Bulletin de sécurité Apple 106704 du 28 mai 2008 :	-	other
Tableau récapitulatif des mises à jour de sécurité pour Mac OS X :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apple Mac 0S X versions v10.4.x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple Mac OS X version v10.5.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s concernant le syst\u00e8me d\u0027exploitation Apple Mac\nOS X ont \u00e9t\u00e9 identifi\u00e9es :\n\n-   le serveur AFP (Apple Filing Protocol) ne v\u00e9rifie pas correctement\n    la coh\u00e9rence d\u0027acc\u00e8s entre r\u00e9pertoires et fichiers.\n-   le serveur Apache est mis \u00e0 jour en 2.0.63 pour les versions Mac OS\n    X Server v10.4.x ; nouvelle version qui corrige des vuln\u00e9rabilit\u00e9s\n    permettant des attaques par injection de code indirecte ;\n-   l\u0027impression d\u0027un document PDF sp\u00e9cialement construit par ATS peut\n    provoquer l\u0027ex\u00e9cution de code arbitraire ;\n-   l\u0027impression de documents via CUPS \u00e0 destination d\u0027une imprimante\n    peut permettre sous certaines conditions de r\u00e9cup\u00e9rer des\n    informations sensibles, y compris si une protection par mot de passe\n    est d\u00e9ploy\u00e9e ;\n-   des vuln\u00e9rabilit\u00e9s dans le module Flash Player sont corrig\u00e9es (cf.\n    CERTA-2008-AVI-197) ;\n-   les vuln\u00e9rabilit\u00e9s d\u00e9taill\u00e9es dans l\u0027alerte CERTA-2008-ALE-007\n    concernant iCal sont corrig\u00e9es ;\n-   etc.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 Apple pour l\u0027obtention des correctifs\n(cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-1574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1574"
    },
    {
      "name": "CVE-2008-1032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1032"
    },
    {
      "name": "CVE-2007-3847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3847"
    },
    {
      "name": "CVE-2008-1572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1572"
    },
    {
      "name": "CVE-2008-1655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1655"
    },
    {
      "name": "CVE-2006-3747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3747"
    },
    {
      "name": "CVE-2007-5000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5000"
    },
    {
      "name": "CVE-2008-1575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1575"
    },
    {
      "name": "CVE-2008-1031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1031"
    },
    {
      "name": "CVE-2008-1571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1571"
    },
    {
      "name": "CVE-2008-1027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1027"
    },
    {
      "name": "CVE-2008-1577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1577"
    },
    {
      "name": "CVE-2008-1576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1576"
    },
    {
      "name": "CVE-2008-1035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1035"
    },
    {
      "name": "CVE-2007-6612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6612"
    },
    {
      "name": "CVE-2005-3357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3357"
    },
    {
      "name": "CVE-2008-1573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1573"
    },
    {
      "name": "CVE-2008-1036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1036"
    },
    {
      "name": "CVE-2008-1028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1028"
    },
    {
      "name": "CVE-2007-5267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5267"
    },
    {
      "name": "CVE-2007-5268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5268"
    },
    {
      "name": "CVE-2008-1033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1033"
    },
    {
      "name": "CVE-2007-6019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6019"
    },
    {
      "name": "CVE-2007-5275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5275"
    },
    {
      "name": "CVE-2008-1030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1030"
    },
    {
      "name": "CVE-2008-1578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1578"
    },
    {
      "name": "CVE-2008-1034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1034"
    },
    {
      "name": "CVE-2007-5269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5269"
    },
    {
      "name": "CVE-2008-0177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0177"
    },
    {
      "name": "CVE-2007-6243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6243"
    },
    {
      "name": "CVE-2008-1579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1579"
    },
    {
      "name": "CVE-2008-1580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1580"
    },
    {
      "name": "CVE-2007-6359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6359"
    },
    {
      "name": "CVE-2008-1654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1654"
    },
    {
      "name": "CVE-2005-3352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3352"
    },
    {
      "name": "CVE-2007-0071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0071"
    },
    {
      "name": "CVE-2007-4465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4465"
    },
    {
      "name": "CVE-2007-6388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6388"
    },
    {
      "name": "CVE-2007-1863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1863"
    }
  ],
  "initial_release_date": "2008-05-29T00:00:00",
  "last_revision_date": "2008-05-29T00:00:00",
  "links": [
    {
      "title": "Alerte CERTA-2008-ALE-007, \u00ab Multiples vuln\u00e9rabilit\u00e9s dans    Apple Ical \u00bb, du 23 mai 2008 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2008-ALE-007/"
    },
    {
      "title": "D\u00e9tails de la mise \u00e0 jour de s\u00e9curit\u00e9 2008-003 / Mac OS X    10.5.3 :",
      "url": "http://support.apple.com/kb/HT1897"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 106704 du 28 mai 2008 :",
      "url": "http://docs.info.apple.com/article.html?artnum=106704"
    },
    {
      "title": "Tableau r\u00e9capitulatif des mises \u00e0 jour de s\u00e9curit\u00e9 pour Mac    OS X :",
      "url": "http://support.apple.com/kb/HT1222?viewlocale=fr_FR"
    }
  ],
  "reference": "CERTA-2008-AVI-278",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-05-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s concernant le syst\u00e8me d\u0027exploitation Apple Mac\nOS X ont \u00e9t\u00e9 identifi\u00e9es. L\u0027exploitation de ces derni\u00e8res peut avoir\nplusieurs cons\u00e9quences, dont des ex\u00e9cutions de codes arbitraires \u00e0\ndistance.\n",
  "title": "Mutliples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Mises \u00e0 jour de s\u00e9curit\u00e9 Apple 2008-003 du 28 mai 2008",
      "url": null
    }
  ]
}

CERTA-2006-AVI-315

Vulnerability from certfr_avis - Published: 2006-08-01 - Updated: 2006-09-08

Une vulnérabilité dans le serveur web Apache httpd permet à un utilisateur distant mal intentionné de provoquer un déni de service ou d'exécuter du code arbitraire.

Description

Apache httpd dispose d'un module nommé Rewrite (mod_rewrite) permettant la ré-écriture « à la volée » d'adresses réticulaires ( URL ). Une erreur dans ce module permet à un utilisateur distant mal intentionné de réaliser une attaque de type débordement de tampon. Il peut ainsi provoquer un déni de service ou exécuter du code arbitraire sur le serveur vulnérable par le biais d'une requête construite de façon particulière.

NB : Bien que ce module ne soit pas activé par défaut dans la version standard de Apache httpd, il peut en être autrement dans certaines distributions GNU/Linux ou dans d'autres systèmes d'exploitation.

Solution

Se référer aux bulletins de sécurité des éditeurs pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Apache	N/A	Apache httpd version 1.3.36 et antérieures ;
Apache	N/A	Apache httpd version 2.0.58 et antérieures ;
Apache	N/A	Apache httpd version 2.2.2 et antérieures.

References

Title

Publication Time

Tags

Bulletin de sécurité de l'US-CERT #395412	2006-07-27	vendor-advisory
Bulletin de sécurité Ubuntu USN-328-1 du 27 juillet 2006 :	-	other
Bulletin de sécurité Debian DSA 1131 du 30 juillet 2006 :	-	other
Bulletin de sécurité IBM PK29156 du 14 août 2006 pour IBM HTTP Server 2.0.x : 2	-	other
Bulletin de sécurité SuSE SUSE-SA:2006:043 du 28 juillet 2006 :	-	other
Bulletin de mise à jour Debian DSA-1167-1 du 04 septembre 2006 :	-	other
Listes des changements apportés aux versions 1.3.36, 2.0.58, 2.2.2 :	-	other
Listes des changements apportés aux versions 1.3.36, 2.0.58, 2.2.2 :	-	other
Bulletin de sécurité Gentoo GLSA 200608-01 du 01 août 2006 :	-	other
Listes des changements apportés aux versions 1.3.36, 2.0.58, 2.2.2 :	-	other
Bulletin de sécurité Mandriva MDKSA-2006:133 du 28 juillet 2006 :	-	other
Bulletin de sécurité IBM PK29154 du 14 août 2006 pour IBM HTTP Server 6.x :	-	other
Bulletin de sécurité Debian DSA 1132 du 30 juillet 2006 :	-	other
Correctif de sécurité OpenBSD pour httpd du 31 juillet 2006 :	-	other
Alerte de sécurité de l'US-CERT #395412 du 27 juillet 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apache httpd version 1.3.36 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apache",
          "scada": false
        }
      }
    },
    {
      "description": "Apache httpd version 2.0.58 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apache",
          "scada": false
        }
      }
    },
    {
      "description": "Apache httpd version 2.2.2 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apache",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Description\n\nApache httpd dispose d\u0027un module nomm\u00e9 Rewrite (mod_rewrite) permettant\nla r\u00e9-\u00e9criture \u00ab \u00e0 la vol\u00e9e \u00bb d\u0027adresses r\u00e9ticulaires ( URL ). Une\nerreur dans ce module permet \u00e0 un utilisateur distant mal intentionn\u00e9 de\nr\u00e9aliser une attaque de type d\u00e9bordement de tampon. Il peut ainsi\nprovoquer un d\u00e9ni de service ou ex\u00e9cuter du code arbitraire sur le\nserveur vuln\u00e9rable par le biais d\u0027une requ\u00eate construite de fa\u00e7on\nparticuli\u00e8re.  \n\nNB : Bien que ce module ne soit pas activ\u00e9 par d\u00e9faut dans la version\nstandard de Apache httpd, il peut en \u00eatre autrement dans certaines\ndistributions GNU/Linux ou dans d\u0027autres syst\u00e8mes d\u0027exploitation.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 des \u00e9diteurs pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-3747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3747"
    }
  ],
  "initial_release_date": "2006-08-01T00:00:00",
  "last_revision_date": "2006-09-08T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-328-1 du 27 juillet 2006 :",
      "url": "http://www.ubuntu.com/usn/usn-328-1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 1131 du 30 juillet 2006 :",
      "url": "http://www.debian.org/security/dsa-1131"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 IBM PK29156 du 14 ao\u00fbt 2006 pour IBM    HTTP Server 2.0.x : 2  ",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SA:2006:043 du 28 juillet    2006 :",
      "url": "http://www.novell.com/linux/security/advisories/2006_43_apache.html"
    },
    {
      "title": "Bulletin de mise \u00e0 jour Debian DSA-1167-1 du 04 septembre    2006 :",
      "url": "http://www.debian.org/security/2006/dsa-1167"
    },
    {
      "title": "Listes des changements apport\u00e9s aux versions 1.3.36,    2.0.58, 2.2.2 :",
      "url": "http://www.apache.org/dist/httpd/Announcement2.0.html"
    },
    {
      "title": "Listes des changements apport\u00e9s aux versions 1.3.36,    2.0.58, 2.2.2 :",
      "url": "http://www.apache.org/dist/httpd/Announcement1.3.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA 200608-01 du 01 ao\u00fbt 2006    :",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-01.xml"
    },
    {
      "title": "Listes des changements apport\u00e9s aux versions 1.3.36,    2.0.58, 2.2.2 :",
      "url": "http://www.apache.org/dist/httpd/Announcement2.2.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:133 du 28 juillet    2006 :",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:133"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 IBM PK29154 du 14 ao\u00fbt 2006 pour IBM    HTTP Server 6.x :",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 1132 du 30 juillet 2006 :",
      "url": "http://www.debian.org/security/dsa-1132"
    },
    {
      "title": "Correctif de s\u00e9curit\u00e9 OpenBSD pour httpd du 31 juillet 2006    :",
      "url": "http://openbsd.org/errata.html#httpd"
    },
    {
      "title": "Alerte de s\u00e9curit\u00e9 de l\u0027US-CERT #395412 du 27 juillet 2006    :",
      "url": "http://www.kb.cert.org/vulns/id/395412"
    }
  ],
  "reference": "CERTA-2006-AVI-315",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-08-01T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Gentoo, SuSE, Mandriva et Ubuntu.",
      "revision_date": "2006-08-04T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences IBM HTTP Server PK29154 et PK29156.",
      "revision_date": "2006-08-21T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence \u00e0 la mise \u00e0 jour Debian.",
      "revision_date": "2006-09-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans le serveur web Apache httpd permet \u00e0 un\nutilisateur distant mal intentionn\u00e9 de provoquer un d\u00e9ni de service ou\nd\u0027ex\u00e9cuter du code arbitraire.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Apache httpd",
  "vendor_advisories": [
    {
      "published_at": "2006-07-27",
      "title": "Bulletin de s\u00e9curit\u00e9 de l\u0027US-CERT #395412 ",
      "url": "http://www.kb.cert.org/vulns/id/395412"
    }
  ]
}

CERTA-2008-AVI-214

Vulnerability from certfr_avis - Published: 2008-04-17 - Updated: 2008-04-17

De multiples vulnérabilités permettant l'exécution de code arbitraire depuis un réseau local ont été corrigées dans HP Openview.

Description

HP Openview a publié le 15 avril 2008 un correctif de sécurité permettant de résoudre plusieurs anciennes vulnérabilités présentes au niveau de la version embarquée d'Apache.

Ces vulnérabilités permettent à un utilisateur malintentionné de réaliser de l'injection de code indirecte (XSS), un déni de service à distance depuis le réseau local, ou l'exécution de code arbitraire à distance depuis le réseau local.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	HP Openview Network Node Manager (NNM) 7.51.
N/A	N/A	HP Openview Network Node Manager (NNM) 7.01 ;
N/A	N/A	HP Openview Network Node Manager (NNM) 6.41 ;

References

Title

Publication Time

Tags

Bulletin de sécurité HP HPSBMA02328 du 15 avril 2008

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "HP Openview Network Node Manager (NNM) 7.51.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Openview Network Node Manager (NNM) 7.01 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Openview Network Node Manager (NNM) 6.41 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nHP Openview a publi\u00e9 le 15 avril 2008 un correctif de s\u00e9curit\u00e9\npermettant de r\u00e9soudre plusieurs anciennes vuln\u00e9rabilit\u00e9s pr\u00e9sentes au\nniveau de la version embarqu\u00e9e d\u0027Apache.\n\nCes vuln\u00e9rabilit\u00e9s permettent \u00e0 un utilisateur malintentionn\u00e9 de\nr\u00e9aliser de l\u0027injection de code indirecte (XSS), un d\u00e9ni de service \u00e0\ndistance depuis le r\u00e9seau local, ou l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance depuis le r\u00e9seau local.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-3747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3747"
    },
    {
      "name": "CVE-2005-3357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3357"
    },
    {
      "name": "CVE-2005-3352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3352"
    }
  ],
  "initial_release_date": "2008-04-17T00:00:00",
  "last_revision_date": "2008-04-17T00:00:00",
  "links": [],
  "reference": "CERTA-2008-AVI-214",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-04-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s permettant l\u0027ex\u00e9cution de code arbitraire\ndepuis un r\u00e9seau local ont \u00e9t\u00e9 corrig\u00e9es dans HP Openview.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans HP Openview",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBMA02328 du 15 avril 2008",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449"
    }
  ]
}

GSD-2006-3747

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-3747

Aliases

CVE-2006-3747

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-3747",
    "description": "Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.",
    "id": "GSD-2006-3747",
    "references": [
      "https://www.suse.com/security/cve/CVE-2006-3747.html",
      "https://www.debian.org/security/2006/dsa-1132",
      "https://www.debian.org/security/2006/dsa-1131",
      "https://packetstormsecurity.com/files/cve/CVE-2006-3747"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-3747"
      ],
      "details": "Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.",
      "id": "GSD-2006-3747",
      "modified": "2023-12-13T01:19:56.813237Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2006-3747",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771",
            "refsource": "MISC",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771"
          },
          {
            "name": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2",
            "refsource": "MISC",
            "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
          },
          {
            "name": "http://secunia.com/advisories/26329",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/26329"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2007/2783",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2007/2783"
          },
          {
            "name": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "http://secunia.com/advisories/22523",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/22523"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2006/4207",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2006/4207"
          },
          {
            "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=3117",
            "refsource": "MISC",
            "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=3117"
          },
          {
            "name": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449",
            "refsource": "MISC",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449"
          },
          {
            "name": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html",
            "refsource": "MISC",
            "url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"
          },
          {
            "name": "http://secunia.com/advisories/22368",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/22368"
          },
          {
            "name": "http://secunia.com/advisories/23260",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/23260"
          },
          {
            "name": "http://secunia.com/advisories/29849",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/29849"
          },
          {
            "name": "http://secunia.com/advisories/30430",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/30430"
          },
          {
            "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1",
            "refsource": "MISC",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/445206/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/445206/100/0/threaded"
          },
          {
            "name": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html",
            "refsource": "MISC",
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2006/3995",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2006/3995"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2006/4300",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2006/4300"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2006/4868",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2006/4868"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2008/1246/references",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2008/1246/references"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2008/1697",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2008/1697"
          },
          {
            "name": "http://docs.info.apple.com/article.html?artnum=307562",
            "refsource": "MISC",
            "url": "http://docs.info.apple.com/article.html?artnum=307562"
          },
          {
            "name": "http://kbase.redhat.com/faq/FAQ_68_8653.shtm",
            "refsource": "MISC",
            "url": "http://kbase.redhat.com/faq/FAQ_68_8653.shtm"
          },
          {
            "name": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html",
            "refsource": "MISC",
            "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
          },
          {
            "name": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html",
            "refsource": "MISC",
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html"
          },
          {
            "name": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html",
            "refsource": "MISC",
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html"
          },
          {
            "name": "http://lwn.net/Alerts/194228/",
            "refsource": "MISC",
            "url": "http://lwn.net/Alerts/194228/"
          },
          {
            "name": "http://secunia.com/advisories/21197",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21197"
          },
          {
            "name": "http://secunia.com/advisories/21241",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21241"
          },
          {
            "name": "http://secunia.com/advisories/21245",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21245"
          },
          {
            "name": "http://secunia.com/advisories/21247",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21247"
          },
          {
            "name": "http://secunia.com/advisories/21266",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21266"
          },
          {
            "name": "http://secunia.com/advisories/21273",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21273"
          },
          {
            "name": "http://secunia.com/advisories/21284",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21284"
          },
          {
            "name": "http://secunia.com/advisories/21307",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21307"
          },
          {
            "name": "http://secunia.com/advisories/21313",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21313"
          },
          {
            "name": "http://secunia.com/advisories/21315",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21315"
          },
          {
            "name": "http://secunia.com/advisories/21346",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21346"
          },
          {
            "name": "http://secunia.com/advisories/21478",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21478"
          },
          {
            "name": "http://secunia.com/advisories/21509",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/21509"
          },
          {
            "name": "http://secunia.com/advisories/22262",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/22262"
          },
          {
            "name": "http://secunia.com/advisories/22388",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/22388"
          },
          {
            "name": "http://secunia.com/advisories/23028",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/23028"
          },
          {
            "name": "http://secunia.com/advisories/29420",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/29420"
          },
          {
            "name": "http://security.gentoo.org/glsa/glsa-200608-01.xml",
            "refsource": "MISC",
            "url": "http://security.gentoo.org/glsa/glsa-200608-01.xml"
          },
          {
            "name": "http://securityreason.com/securityalert/1312",
            "refsource": "MISC",
            "url": "http://securityreason.com/securityalert/1312"
          },
          {
            "name": "http://securitytracker.com/id?1016601",
            "refsource": "MISC",
            "url": "http://securitytracker.com/id?1016601"
          },
          {
            "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1",
            "refsource": "MISC",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1"
          },
          {
            "name": "http://svn.apache.org/viewvc?view=rev\u0026revision=426144",
            "refsource": "MISC",
            "url": "http://svn.apache.org/viewvc?view=rev\u0026revision=426144"
          },
          {
            "name": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154",
            "refsource": "MISC",
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154"
          },
          {
            "name": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156",
            "refsource": "MISC",
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156"
          },
          {
            "name": "http://www-1.ibm.com/support/docview.wss?uid=swg24013080",
            "refsource": "MISC",
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24013080"
          },
          {
            "name": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951",
            "refsource": "MISC",
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951"
          },
          {
            "name": "http://www.apache.org/dist/httpd/Announcement2.0.html",
            "refsource": "MISC",
            "url": "http://www.apache.org/dist/httpd/Announcement2.0.html"
          },
          {
            "name": "http://www.debian.org/security/2006/dsa-1131",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2006/dsa-1131"
          },
          {
            "name": "http://www.debian.org/security/2006/dsa-1132",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2006/dsa-1132"
          },
          {
            "name": "http://www.kb.cert.org/vuls/id/395412",
            "refsource": "MISC",
            "url": "http://www.kb.cert.org/vuls/id/395412"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:133",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:133"
          },
          {
            "name": "http://www.novell.com/linux/security/advisories/2006_43_apache.html",
            "refsource": "MISC",
            "url": "http://www.novell.com/linux/security/advisories/2006_43_apache.html"
          },
          {
            "name": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html",
            "refsource": "MISC",
            "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html"
          },
          {
            "name": "http://www.osvdb.org/27588",
            "refsource": "MISC",
            "url": "http://www.osvdb.org/27588"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/441485/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/441485/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/441487/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/441487/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/441526/100/200/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/441526/100/200/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/443870/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/443870/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/450321/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/450321/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/bid/19204",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/19204"
          },
          {
            "name": "http://www.ubuntu.com/usn/usn-328-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/usn-328-1"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2006/3017",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2006/3017"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2006/3264",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2006/3264"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2006/3282",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2006/3282"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2006/3884",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2006/3884"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2006/4015",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2006/4015"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2008/0924/references",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2008/0924/references"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28063",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28063"
          },
          {
            "name": "https://issues.rpath.com/browse/RPL-538",
            "refsource": "MISC",
            "url": "https://issues.rpath.com/browse/RPL-538"
          },
          {
            "name": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.2.3",
                "versionStartIncluding": "2.2.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.3.37",
                "versionStartIncluding": "1.3.28",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.0.59",
                "versionStartIncluding": "2.0.46",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2006-3747"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-189"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.apache.org/dist/httpd/Announcement2.0.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.apache.org/dist/httpd/Announcement2.0.html"
            },
            {
              "name": "http://svn.apache.org/viewvc?view=rev\u0026revision=426144",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://svn.apache.org/viewvc?view=rev\u0026revision=426144"
            },
            {
              "name": "VU#395412",
              "refsource": "CERT-VN",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/395412"
            },
            {
              "name": "USN-328-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/usn-328-1"
            },
            {
              "name": "20060728 Apache 1.3.29/2.X mod_rewrite Buffer Overflow Vulnerability CVE-2006-3747",
              "refsource": "FULLDISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html"
            },
            {
              "name": "20060728 [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released",
              "refsource": "FULLDISC",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html"
            },
            {
              "name": "OpenPKG-SA-2006.015",
              "refsource": "OPENPKG",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html"
            },
            {
              "name": "SUSE-SA:2006:043",
              "refsource": "SUSE",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2006_43_apache.html"
            },
            {
              "name": "19204",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/19204"
            },
            {
              "name": "1016601",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://securitytracker.com/id?1016601"
            },
            {
              "name": "21197",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/21197"
            },
            {
              "name": "21241",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/21241"
            },
            {
              "name": "http://kbase.redhat.com/faq/FAQ_68_8653.shtm",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://kbase.redhat.com/faq/FAQ_68_8653.shtm"
            },
            {
              "name": "DSA-1131",
              "refsource": "DEBIAN",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "http://www.debian.org/security/2006/dsa-1131"
            },
            {
              "name": "DSA-1132",
              "refsource": "DEBIAN",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "http://www.debian.org/security/2006/dsa-1132"
            },
            {
              "name": "GLSA-200608-01",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200608-01.xml"
            },
            {
              "name": "21245",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/21245"
            },
            {
              "name": "21266",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/21266"
            },
            {
              "name": "21273",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/21273"
            },
            {
              "name": "21284",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/21284"
            },
            {
              "name": "21313",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/21313"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-538",
              "refsource": "CONFIRM",
              "tags": [
                "Broken Link"
              ],
              "url": "https://issues.rpath.com/browse/RPL-538"
            },
            {
              "name": "PK27875",
              "refsource": "AIXAPAR",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24013080"
            },
            {
              "name": "PK29154",
              "refsource": "AIXAPAR",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154"
            },
            {
              "name": "PK29156",
              "refsource": "AIXAPAR",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156"
            },
            {
              "name": "27588",
              "refsource": "OSVDB",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.osvdb.org/27588"
            },
            {
              "name": "21307",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/21307"
            },
            {
              "name": "21315",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/21315"
            },
            {
              "name": "21247",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/21247"
            },
            {
              "name": "21478",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/21478"
            },
            {
              "name": "21509",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/21509"
            },
            {
              "name": "22262",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/22262"
            },
            {
              "name": "102662",
              "refsource": "SUNALERT",
              "tags": [
                "Broken Link"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1"
            },
            {
              "name": "102663",
              "refsource": "SUNALERT",
              "tags": [
                "Broken Link"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1"
            },
            {
              "name": "22368",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/22368"
            },
            {
              "name": "22388",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/22388"
            },
            {
              "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=3117",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=3117"
            },
            {
              "name": "22523",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/22523"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951"
            },
            {
              "name": "23028",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/23028"
            },
            {
              "name": "23260",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/23260"
            },
            {
              "name": "2006-0044",
              "refsource": "TRUSTIX",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lwn.net/Alerts/194228/"
            },
            {
              "name": "21346",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/21346"
            },
            {
              "name": "MDKSA-2006:133",
              "refsource": "MANDRIVA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:133"
            },
            {
              "name": "26329",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/26329"
            },
            {
              "name": "1312",
              "refsource": "SREASON",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://securityreason.com/securityalert/1312"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307562",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://docs.info.apple.com/article.html?artnum=307562"
            },
            {
              "name": "APPLE-SA-2008-03-18",
              "refsource": "APPLE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
            },
            {
              "name": "29420",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/29420"
            },
            {
              "name": "29849",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/29849"
            },
            {
              "name": "APPLE-SA-2008-05-28",
              "refsource": "APPLE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"
            },
            {
              "name": "TA08-150A",
              "refsource": "CERT",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"
            },
            {
              "name": "30430",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/30430"
            },
            {
              "name": "ADV-2008-1697",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/1697"
            },
            {
              "name": "ADV-2006-3995",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3995"
            },
            {
              "name": "ADV-2006-4300",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4300"
            },
            {
              "name": "ADV-2006-3017",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3017"
            },
            {
              "name": "ADV-2006-3264",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3264"
            },
            {
              "name": "ADV-2008-0924",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0924/references"
            },
            {
              "name": "ADV-2006-4207",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4207"
            },
            {
              "name": "SSRT071293",
              "refsource": "HP",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449"
            },
            {
              "name": "ADV-2007-2783",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2783"
            },
            {
              "name": "ADV-2006-3282",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3282"
            },
            {
              "name": "HPSBMA02250",
              "refsource": "HP",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771"
            },
            {
              "name": "ADV-2006-4015",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4015"
            },
            {
              "name": "ADV-2006-4868",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4868"
            },
            {
              "name": "ADV-2008-1246",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/1246/references"
            },
            {
              "name": "ADV-2006-3884",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3884"
            },
            {
              "name": "SSRT090208",
              "refsource": "HP",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
            },
            {
              "name": "apache-modrewrite-offbyone-bo(28063)",
              "refsource": "XF",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28063"
            },
            {
              "name": "SSRT061265",
              "refsource": "HP",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/archive/1/450321/100/0/threaded"
            },
            {
              "name": "HPSBUX02145",
              "refsource": "HP",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/archive/1/445206/100/0/threaded"
            },
            {
              "name": "20060820 POC \u0026 exploit for Apache mod_rewrite off-by-one",
              "refsource": "BUGTRAQ",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/archive/1/443870/100/0/threaded"
            },
            {
              "name": "20060728 rPSA-2006-0139-1 httpd mod_ssl",
              "refsource": "BUGTRAQ",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/archive/1/441526/100/200/threaded"
            },
            {
              "name": "20060728 Apache mod_rewrite Buffer Overflow Vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/archive/1/441487/100/0/threaded"
            },
            {
              "name": "20060728 [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released",
              "refsource": "BUGTRAQ",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/archive/1/441485/100/0/threaded"
            },
            {
              "name": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
              "refsource": "MISC",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
              "refsource": "MISC",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
              "refsource": "MISC",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E",
              "refsource": "MISC",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
              "refsource": "MISC",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
              "refsource": "MISC",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
              "refsource": "MISC",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E",
              "refsource": "MISC",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E",
              "refsource": "MISC",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
              "refsource": "MISC",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
              "refsource": "MISC",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
              "refsource": "MISC",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
              "refsource": "MISC",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
              "refsource": "MISC",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 4.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2023-02-13T02:16Z",
      "publishedDate": "2006-07-28T18:02Z"
    }
  }
}

GHSA-47Q7-QPGP-938J

Vulnerability from github – Published: 2022-05-01 07:12 – Updated: 2025-04-03 04:37

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-3747"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-07-28T18:02:00Z",
    "severity": "HIGH"
  },
  "details": "Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.",
  "id": "GHSA-47q7-qpgp-938j",
  "modified": "2025-04-03T04:37:39Z",
  "published": "2022-05-01T07:12:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3747"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://issues.rpath.com/browse/RPL-538"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28063"
    },
    {
      "type": "WEB",
      "url": "http://docs.info.apple.com/article.html?artnum=307562"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449"
    },
    {
      "type": "WEB",
      "url": "http://kbase.redhat.com/faq/FAQ_68_8653.shtm"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html"
    },
    {
      "type": "WEB",
      "url": "http://lwn.net/Alerts/194228"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21197"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21241"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21245"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21247"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21266"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21273"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21284"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21307"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21313"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21315"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21346"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21478"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21509"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22262"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22368"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22388"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22523"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/23028"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/23260"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26329"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29420"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29849"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30430"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200608-01.xml"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/1312"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016601"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1"
    },
    {
      "type": "WEB",
      "url": "http://svn.apache.org/viewvc?view=rev\u0026revision=426144"
    },
    {
      "type": "WEB",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154"
    },
    {
      "type": "WEB",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156"
    },
    {
      "type": "WEB",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24013080"
    },
    {
      "type": "WEB",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951"
    },
    {
      "type": "WEB",
      "url": "http://www.apache.org/dist/httpd/Announcement2.0.html"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2006/dsa-1131"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2006/dsa-1132"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/395412"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:133"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2006_43_apache.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27588"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/441485/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/441487/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/441526/100/200/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/443870/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/445206/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/450321/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/19204"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-328-1"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/3017"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/3264"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/3282"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/3884"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/3995"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/4015"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/4207"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/4300"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/4868"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/2783"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0924/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/1246/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/1697"
    },
    {
      "type": "WEB",
      "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=3117"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2006-3747

Vulnerability from fkie_nvd - Published: 2006-07-28 18:02 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://docs.info.apple.com/article.html?artnum=307562	Third Party Advisory
secalert@redhat.com	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771	Third Party Advisory
secalert@redhat.com	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449	Third Party Advisory
secalert@redhat.com	http://kbase.redhat.com/faq/FAQ_68_8653.shtm	Third Party Advisory
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2008//May/msg00001.html	Mailing List, Third Party Advisory
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html	Mailing List, Third Party Advisory
secalert@redhat.com	http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html	Third Party Advisory
secalert@redhat.com	http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html	Mailing List, Third Party Advisory
secalert@redhat.com	http://lwn.net/Alerts/194228/	Mailing List, Third Party Advisory
secalert@redhat.com	http://marc.info/?l=bugtraq&m=130497311408250&w=2	Mailing List, Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/21197	Broken Link
secalert@redhat.com	http://secunia.com/advisories/21241	Broken Link
secalert@redhat.com	http://secunia.com/advisories/21245	Broken Link
secalert@redhat.com	http://secunia.com/advisories/21247	Broken Link
secalert@redhat.com	http://secunia.com/advisories/21266	Broken Link
secalert@redhat.com	http://secunia.com/advisories/21273	Broken Link
secalert@redhat.com	http://secunia.com/advisories/21284	Broken Link
secalert@redhat.com	http://secunia.com/advisories/21307	Broken Link
secalert@redhat.com	http://secunia.com/advisories/21313	Broken Link
secalert@redhat.com	http://secunia.com/advisories/21315	Broken Link
secalert@redhat.com	http://secunia.com/advisories/21346	Broken Link
secalert@redhat.com	http://secunia.com/advisories/21478	Broken Link
secalert@redhat.com	http://secunia.com/advisories/21509	Broken Link
secalert@redhat.com	http://secunia.com/advisories/22262	Broken Link
secalert@redhat.com	http://secunia.com/advisories/22368	Broken Link
secalert@redhat.com	http://secunia.com/advisories/22388	Broken Link
secalert@redhat.com	http://secunia.com/advisories/22523	Broken Link
secalert@redhat.com	http://secunia.com/advisories/23028	Broken Link
secalert@redhat.com	http://secunia.com/advisories/23260	Broken Link
secalert@redhat.com	http://secunia.com/advisories/26329	Broken Link
secalert@redhat.com	http://secunia.com/advisories/29420	Broken Link
secalert@redhat.com	http://secunia.com/advisories/29849	Broken Link
secalert@redhat.com	http://secunia.com/advisories/30430	Broken Link
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-200608-01.xml	Third Party Advisory
secalert@redhat.com	http://securityreason.com/securityalert/1312	Third Party Advisory
secalert@redhat.com	http://securitytracker.com/id?1016601	Third Party Advisory, VDB Entry
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1	Broken Link
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1	Broken Link
secalert@redhat.com	http://svn.apache.org/viewvc?view=rev&revision=426144	Vendor Advisory
secalert@redhat.com	http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154	Third Party Advisory
secalert@redhat.com	http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156	Third Party Advisory
secalert@redhat.com	http://www-1.ibm.com/support/docview.wss?uid=swg24013080	Third Party Advisory
secalert@redhat.com	http://www-1.ibm.com/support/docview.wss?uid=swg27007951	Third Party Advisory
secalert@redhat.com	http://www.apache.org/dist/httpd/Announcement2.0.html	Patch, Vendor Advisory
secalert@redhat.com	http://www.debian.org/security/2006/dsa-1131	Patch, Third Party Advisory
secalert@redhat.com	http://www.debian.org/security/2006/dsa-1132	Patch, Third Party Advisory
secalert@redhat.com	http://www.kb.cert.org/vuls/id/395412	Third Party Advisory, US Government Resource
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:133	Broken Link
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2006_43_apache.html	Third Party Advisory
secalert@redhat.com	http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html	Third Party Advisory
secalert@redhat.com	http://www.osvdb.org/27588	Broken Link
secalert@redhat.com	http://www.securityfocus.com/archive/1/441485/100/0/threaded	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.securityfocus.com/archive/1/441487/100/0/threaded	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.securityfocus.com/archive/1/441526/100/200/threaded	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.securityfocus.com/archive/1/443870/100/0/threaded	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.securityfocus.com/archive/1/445206/100/0/threaded	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.securityfocus.com/archive/1/450321/100/0/threaded	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.securityfocus.com/bid/19204	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.ubuntu.com/usn/usn-328-1	Third Party Advisory
secalert@redhat.com	http://www.us-cert.gov/cas/techalerts/TA08-150A.html	Third Party Advisory, US Government Resource
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/3017	Permissions Required
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/3264	Permissions Required
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/3282	Permissions Required
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/3884	Permissions Required
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/3995	Permissions Required
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/4015	Permissions Required
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/4207	Permissions Required
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/4300	Permissions Required
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/4868	Permissions Required
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/2783	Permissions Required
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/0924/references	Permissions Required
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/1246/references	Permissions Required
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/1697	Permissions Required
secalert@redhat.com	http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117	Third Party Advisory
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/28063	Third Party Advisory, VDB Entry
secalert@redhat.com	https://issues.rpath.com/browse/RPL-538	Broken Link
secalert@redhat.com	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
secalert@redhat.com	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
secalert@redhat.com	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
secalert@redhat.com	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
secalert@redhat.com	https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
secalert@redhat.com	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
secalert@redhat.com	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
secalert@redhat.com	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
secalert@redhat.com	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
secalert@redhat.com	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
secalert@redhat.com	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
secalert@redhat.com	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
secalert@redhat.com	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
secalert@redhat.com	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=307562	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://kbase.redhat.com/faq/FAQ_68_8653.shtm	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2008//May/msg00001.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lwn.net/Alerts/194228/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=130497311408250&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21197	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21241	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21245	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21247	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21266	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21273	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21284	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21307	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21313	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21315	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21346	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21478	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21509	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22262	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22368	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22388	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22523	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23028	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23260	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26329	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29420	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29849	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30430	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200608-01.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/1312	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016601	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://svn.apache.org/viewvc?view=rev&revision=426144	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg24013080	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg27007951	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.apache.org/dist/httpd/Announcement2.0.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1131	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1132	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/395412	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:133	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2006_43_apache.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/27588	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/441485/100/0/threaded	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/441487/100/0/threaded	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/441526/100/200/threaded	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/443870/100/0/threaded	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/445206/100/0/threaded	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/450321/100/0/threaded	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/19204	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-328-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA08-150A.html	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/3017	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/3264	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/3282	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/3884	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/3995	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/4015	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/4207	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/4300	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/4868	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2783	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0924/references	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1246/references	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1697	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/28063	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-538	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

Impacted products

Vendor	Product	Version
apache	http_server	*
apache	http_server	*
apache	http_server	*
canonical	ubuntu_linux	5.04
canonical	ubuntu_linux	5.10
canonical	ubuntu_linux	6.06
debian	debian_linux	3.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2795E703-F4AE-491F-8DDD-A3DA32856E80",
              "versionEndExcluding": "1.3.37",
              "versionStartIncluding": "1.3.28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5E51CD7-A796-4204-95BA-53ACB46993A6",
              "versionEndExcluding": "2.0.59",
              "versionStartIncluding": "2.0.46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "028BE030-4059-4C7D-A6E7-47EE2150578B",
              "versionEndExcluding": "2.2.3",
              "versionStartIncluding": "2.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "42E47538-08EE-4DC1-AC17-883C44CF77BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FA3A32E-445A-4D39-A8D5-75F5370AD23D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
              "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules."
    },
    {
      "lang": "es",
      "value": "Error de superaci\u00f3n de l\u00edmite (off-by-one) en el esquema ldap manejado en el modulo Rewrite (mod_rewrite) en Apache 1.3 desde 1.3.28, 2.0.46 y otras versiones anteriores 2.0.59, y 2.2, cuando RewriteEngine est\u00e1 activo, permite a atacantes remotos provocar denegaci\u00f3n de servicio (Caida de aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo a rtav\u00e9s de URLs manipuladas que no se manejan de forma adecuada utilizando ciertas reglas de reescritura."
    }
  ],
  "id": "CVE-2006-3747",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-07-28T18:02:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://docs.info.apple.com/article.html?artnum=307562"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://kbase.redhat.com/faq/FAQ_68_8653.shtm"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lwn.net/Alerts/194228/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21197"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21241"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21245"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21247"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21266"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21273"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21284"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21307"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21313"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21315"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21346"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21478"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21509"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/22262"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/22368"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/22388"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/22523"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/23028"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/23260"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/26329"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/29420"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/29849"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/30430"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200608-01.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://securityreason.com/securityalert/1312"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1016601"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://svn.apache.org/viewvc?view=rev\u0026revision=426144"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24013080"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.apache.org/dist/httpd/Announcement2.0.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1131"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1132"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/395412"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:133"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2006_43_apache.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/27588"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/441485/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/441487/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/441526/100/200/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/443870/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/445206/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/450321/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/19204"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/usn-328-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3017"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3264"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3282"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3884"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3995"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/4015"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/4207"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/4300"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/4868"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/2783"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0924/references"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1246/references"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1697"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=3117"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28063"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://issues.rpath.com/browse/RPL-538"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://docs.info.apple.com/article.html?artnum=307562"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://kbase.redhat.com/faq/FAQ_68_8653.shtm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lwn.net/Alerts/194228/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21197"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21241"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21245"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21247"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21266"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21273"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21284"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21307"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21315"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21346"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21478"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/21509"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/22262"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/22368"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/22388"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/22523"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/23028"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/23260"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/26329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/29420"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/29849"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/30430"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200608-01.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://securityreason.com/securityalert/1312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1016601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://svn.apache.org/viewvc?view=rev\u0026revision=426144"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24013080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.apache.org/dist/httpd/Announcement2.0.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-1132"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/395412"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:133"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2006_43_apache.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/27588"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/441485/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/441487/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/441526/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/443870/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/445206/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/450321/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/19204"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/usn-328-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3017"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3264"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3282"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3884"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/3995"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/4015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/4207"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/4300"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/4868"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/2783"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0924/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1246/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1697"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=3117"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28063"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://issues.rpath.com/browse/RPL-538"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "The ability to exploit this issue is dependent on the stack layout for a particular compiled version of mod_rewrite. If the compiler has added padding to the stack immediately after the buffer being overwritten, this issue can not be exploited, and Apache httpd will continue operating normally.\n\nThe Red Hat Security Response Team analyzed Red Hat Enterprise Linux 3 and Red Hat Enterprise Linux 4 binaries for all architectures as shipped by Red Hat and determined that these versions cannot be exploited.  This issue does not affect the version of Apache httpd as supplied with Red Hat Enterprise Linux 2.1",
      "lastModified": "2006-07-31T00:00:00",
      "organization": "Red Hat"
    },
    {
      "comment": "Fixed in Apache HTTP Server 2.2.3, 2.0.59, and 1.3.37:\nhttp://httpd.apache.org/security/vulnerabilities_22.html\nhttp://httpd.apache.org/security/vulnerabilities_20.html\nhttp://httpd.apache.org/security/vulnerabilities_13.html",
      "lastModified": "2008-07-02T00:00:00",
      "organization": "Apache"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-3747 (GCVE-0-2006-3747)

CERTA-2008-AVI-148

Description

Solution

CERTA-2008-AVI-278

Description

Solution

CERTA-2006-AVI-315

Description

Solution

CERTA-2008-AVI-214

Description

Solution

GSD-2006-3747

GHSA-47Q7-QPGP-938J

FKIE_CVE-2006-3747

Tags

Sightings

Nomenclature