Vulnerability CVE-2007-1349


Published: 2007-03-29   Modified: 2012-02-12

Description:
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.

Type:

CWE-399

(Resource Management Errors)

Vendor: Apache
Product: Mod perl 
Version:
2.0.3
2.0.2
2.0.1
2.0.0
Product: Apache test 
Version: 1.29;
Product: Http server 

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
http://www.securityfocus.com/bid/23192
http://www.vupen.com/english/advisories/2007/1150
http://www.ubuntu.com/usn/usn-488-1
http://www.securitytracker.com/id?1018259
http://www.redhat.com/support/errata/RHSA-2008-0627.html
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://www.redhat.com/support/errata/RHSA-2007-0486.html
http://www.redhat.com/support/errata/RHSA-2007-0396.html
http://www.novell.com/linux/security/advisories/2007_8_sr.html
http://www.novell.com/linux/security/advisories/2007_12_sr.html
http://www.mandriva.com/security/advisories?name=MDKSA-2007:083
http://www.gossamer-threads.com/lists/modperl/modperl/92739
http://svn.apache.org/repos/asf/perl/modperl/branches/1.x/Changes
http://support.avaya.com/elmodocs2/security/ASA-2007-293.htm
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021508.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-248386-1
http://security.gentoo.org/glsa/glsa-200705-04.xml
http://secunia.com/advisories/33723
http://secunia.com/advisories/33720
http://secunia.com/advisories/31493
http://secunia.com/advisories/31490
http://secunia.com/advisories/26290
http://secunia.com/advisories/26231
http://secunia.com/advisories/26084
http://secunia.com/advisories/25894
http://secunia.com/advisories/25730
http://secunia.com/advisories/25655
http://secunia.com/advisories/25432
http://secunia.com/advisories/25110
http://secunia.com/advisories/25072
http://secunia.com/advisories/24839
http://secunia.com/advisories/24678
http://rhn.redhat.com/errata/RHSA-2008-0630.html
http://rhn.redhat.com/errata/RHSA-2007-0395.html
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8349
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10987
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc

Related CVE
CVE-2019-12421
When using an authentication mechanism other than PKI, when the user clicks Log Out in NiFi versions 1.0.0 to 1.9.2, NiFi invalidates the authentication token on the client side but not on the server side. This permits the user's client-side token to...
CVE-2019-10080
The XMLFileLookupService in NiFi versions 1.3.0 to 1.9.2 allowed trusted users to inadvertently configure a potentially malicious XML file. The XML file has the ability to make external calls to services (via XXE) and reveal information such as the v...
CVE-2019-10083
When updating a Process Group via the API in NiFi versions 1.3.0 to 1.9.2, the response to the request includes all of its contents (at the top most level, not recursively). The response included details about processors and controller services which...
CVE-2019-12422
Apache Shiro before 1.4.2, when using the default "remember me" configuration, cookies could be susceptible to a padding attack.
CVE-2019-10070
Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to Stored Cross-Site Scripting in the search functionality
CVE-2019-12419
Apache CXF before 3.3.4 and 3.2.11 provides all of the components that are required to build a fully fledged OpenId Connect service. There is a vulnerability in the access token services, where it does not validate that the authenticated principal is...
CVE-2019-12410
While investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered Apache Arrow versions 0.12.0 to 0.14.1, left memory Array data uninitialized when reading RLE null data from parquet. This affected the C++, Python, Ruby ...
CVE-2019-12408
It was discovered that the C++ implementation (which underlies the R, Python and Ruby implementations) of Apache Arrow 0.14.0 to 0.14.1 had a uninitialized memory bug when building arrays with null values in some cases. This can lead to uninitialized...

Copyright 2019, cxsecurity.com

 

Back to Top