Back to search
CVE-2007-1349
Published: Mar 30, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
26231
third-party-advisory
x_refsource_SECUNIA
1018259
vdb-entry
x_refsource_SECTRACK
25894
third-party-advisory
x_refsource_SECUNIA
RHSA-2008:0630
vendor-advisory
x_refsource_REDHAT
RHSA-2007:0395
vendor-advisory
x_refsource_REDHAT
RHSA-2007:0486
vendor-advisory
x_refsource_REDHAT
31493
third-party-advisory
x_refsource_SECUNIA
http://www.gossamer-threads.com/lists/modperl/modperl/92739
x_refsource_MISC
RHSA-2008:0627
vendor-advisory
x_refsource_REDHAT
http://svn.apache.org/repos/asf/perl/modperl/branches/1.x/Changes
x_refsource_CONFIRM
24839
third-party-advisory
x_refsource_SECUNIA
33720
third-party-advisory
x_refsource_SECUNIA
USN-488-1
vendor-advisory
x_refsource_UBUNTU
31490
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2007:012
vendor-advisory
x_refsource_SUSE
26084
third-party-advisory
x_refsource_SECUNIA
ADV-2007-1150
vdb-entry
x_refsource_VUPEN
25655
third-party-advisory
x_refsource_SECUNIA
1021508
vendor-advisory
x_refsource_SUNALERT
http://support.avaya.com/elmodocs2/security/ASA-2007-293.htm
x_refsource_CONFIRM
24678
third-party-advisory
x_refsource_SECUNIA
25110
third-party-advisory
x_refsource_SECUNIA
RHSA-2007:0396
vendor-advisory
x_refsource_REDHAT
2007-0023
vendor-advisory
x_refsource_TRUSTIX
MDKSA-2007:083
vendor-advisory
x_refsource_MANDRIVA
33723
third-party-advisory
x_refsource_SECUNIA
25730
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2007:008
vendor-advisory
x_refsource_SUSE
26290
third-party-advisory
x_refsource_SECUNIA
modperl-pathinfo-dos(33312)
vdb-entry
x_refsource_XF
RHSA-2008:0261
vendor-advisory
x_refsource_REDHAT
GLSA-200705-04
vendor-advisory
x_refsource_GENTOO
23192
vdb-entry
x_refsource_BID
25072
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:10987
vdb-entry
signature
x_refsource_OVAL
oval:org.mitre.oval:def:8349
vdb-entry
signature
x_refsource_OVAL
25432
third-party-advisory
x_refsource_SECUNIA
248386
vendor-advisory
x_refsource_SUNALERT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now