CVE - CVE-2006-3747

CVE-ID
CVE-2006-3747	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BUGTRAQ:20060728 Apache mod_rewrite Buffer Overflow Vulnerability URL:http://www.securityfocus.com/archive/1/441487/100/0/threaded BUGTRAQ:20060728 [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released URL:http://www.securityfocus.com/archive/1/441485/100/0/threaded BUGTRAQ:20060728 rPSA-2006-0139-1 httpd mod_ssl URL:http://www.securityfocus.com/archive/1/441526/100/200/threaded BUGTRAQ:20060820 POC & exploit for Apache mod_rewrite off-by-one URL:http://www.securityfocus.com/archive/1/443870/100/0/threaded FULLDISC:20060728 Apache 1.3.29/2.X mod_rewrite Buffer Overflow Vulnerability CVE-2006-3747 URL:http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html FULLDISC:20060728 [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released URL:http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html MISC:http://kbase.redhat.com/faq/FAQ_68_8653.shtm MISC:http://svn.apache.org/viewvc?view=rev&revision=426144 CONFIRM:http://www.apache.org/dist/httpd/Announcement2.0.html CONFIRM:https://issues.rpath.com/browse/RPL-538 CONFIRM:http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 CONFIRM:http://www-1.ibm.com/support/docview.wss?uid=swg27007951 CONFIRM:http://docs.info.apple.com/article.html?artnum=307562 APPLE:APPLE-SA-2008-03-18 URL:http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html APPLE:APPLE-SA-2008-05-28 URL:http://lists.apple.com/archives/security-announce/2008//May/msg00001.html HP:HPSBMA02250 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771 HP:SSRT061275 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771 HP:HPSBMA02328 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449 HP:SSRT071293 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449 HP:HPSBOV02683 URL:http://marc.info/?l=bugtraq&m=130497311408250&w=2 HP:SSRT090208 URL:http://marc.info/?l=bugtraq&m=130497311408250&w=2 CERT:TA08-150A URL:http://www.us-cert.gov/cas/techalerts/TA08-150A.html CERT-VN:VU#395412 URL:http://www.kb.cert.org/vuls/id/395412 AIXAPAR:PK27875 URL:http://www-1.ibm.com/support/docview.wss?uid=swg24013080 AIXAPAR:PK29154 URL:http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154 AIXAPAR:PK29156 URL:http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156 DEBIAN:DSA-1131 URL:http://www.debian.org/security/2006/dsa-1131 DEBIAN:DSA-1132 URL:http://www.debian.org/security/2006/dsa-1132 GENTOO:GLSA-200608-01 URL:http://security.gentoo.org/glsa/glsa-200608-01.xml HP:HPSBUX02145 URL:http://www.securityfocus.com/archive/1/445206/100/0/threaded HP:SSRT061202 URL:http://www.securityfocus.com/archive/1/445206/100/0/threaded HP:HPSBUX02164 URL:http://www.securityfocus.com/archive/1/450321/100/0/threaded HP:SSRT061265 URL:http://www.securityfocus.com/archive/1/450321/100/0/threaded MANDRIVA:MDKSA-2006:133 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:133 OPENPKG:OpenPKG-SA-2006.015 URL:http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html SUNALERT:102662 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1 SUNALERT:102663 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1 SUSE:SUSE-SA:2006:043 URL:http://www.novell.com/linux/security/advisories/2006_43_apache.html TRUSTIX:2006-0044 URL:http://lwn.net/Alerts/194228/ UBUNTU:USN-328-1 URL:http://www.ubuntu.com/usn/usn-328-1 BID:19204 URL:http://www.securityfocus.com/bid/19204 VUPEN:ADV-2006-3017 URL:http://www.vupen.com/english/advisories/2006/3017 VUPEN:ADV-2006-3264 URL:http://www.vupen.com/english/advisories/2006/3264 VUPEN:ADV-2006-3282 URL:http://www.vupen.com/english/advisories/2006/3282 VUPEN:ADV-2006-3884 URL:http://www.vupen.com/english/advisories/2006/3884 VUPEN:ADV-2006-3995 URL:http://www.vupen.com/english/advisories/2006/3995 VUPEN:ADV-2006-4015 URL:http://www.vupen.com/english/advisories/2006/4015 VUPEN:ADV-2006-4207 URL:http://www.vupen.com/english/advisories/2006/4207 VUPEN:ADV-2006-4300 URL:http://www.vupen.com/english/advisories/2006/4300 VUPEN:ADV-2006-4868 URL:http://www.vupen.com/english/advisories/2006/4868 VUPEN:ADV-2007-2783 URL:http://www.vupen.com/english/advisories/2007/2783 VUPEN:ADV-2008-0924 URL:http://www.vupen.com/english/advisories/2008/0924/references VUPEN:ADV-2008-1246 URL:http://www.vupen.com/english/advisories/2008/1246/references VUPEN:ADV-2008-1697 URL:http://www.vupen.com/english/advisories/2008/1697 OSVDB:27588 URL:http://www.osvdb.org/27588 SECTRACK:1016601 URL:http://securitytracker.com/id?1016601 SECUNIA:21197 URL:http://secunia.com/advisories/21197 SECUNIA:21241 URL:http://secunia.com/advisories/21241 SECUNIA:21245 URL:http://secunia.com/advisories/21245 SECUNIA:21266 URL:http://secunia.com/advisories/21266 SECUNIA:21273 URL:http://secunia.com/advisories/21273 SECUNIA:21284 URL:http://secunia.com/advisories/21284 SECUNIA:21313 URL:http://secunia.com/advisories/21313 SECUNIA:21307 URL:http://secunia.com/advisories/21307 SECUNIA:21315 URL:http://secunia.com/advisories/21315 SECUNIA:21247 URL:http://secunia.com/advisories/21247 SECUNIA:21478 URL:http://secunia.com/advisories/21478 SECUNIA:21509 URL:http://secunia.com/advisories/21509 SECUNIA:22262 URL:http://secunia.com/advisories/22262 SECUNIA:22368 URL:http://secunia.com/advisories/22368 SECUNIA:22388 URL:http://secunia.com/advisories/22388 SECUNIA:22523 URL:http://secunia.com/advisories/22523 SECUNIA:23028 URL:http://secunia.com/advisories/23028 SECUNIA:23260 URL:http://secunia.com/advisories/23260 SECUNIA:21346 URL:http://secunia.com/advisories/21346 SECUNIA:26329 URL:http://secunia.com/advisories/26329 SECUNIA:29420 URL:http://secunia.com/advisories/29420 SECUNIA:29849 URL:http://secunia.com/advisories/29849 SECUNIA:30430 URL:http://secunia.com/advisories/30430 SREASON:1312 URL:http://securityreason.com/securityalert/1312 XF:apache-modrewrite-offbyone-bo(28063) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/28063
Assigning CNA
N/A
Date Entry Created
20060720	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20060720)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org