Back to search
CVE-2007-3847
Published: Aug 23, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
28606
third-party-advisory
x_refsource_SECUNIA
RHSA-2008:0005
vendor-advisory
x_refsource_REDHAT
ADV-2007-3955
vdb-entry
x_refsource_VUPEN
28922
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:10525
vdb-entry
signature
x_refsource_OVAL
28749
third-party-advisory
x_refsource_SECUNIA
PK52702
vendor-advisory
x_refsource_AIXAPAR
HPSBUX02273
vendor-advisory
x_refsource_HP
26952
third-party-advisory
x_refsource_SECUNIA
26993
third-party-advisory
x_refsource_SECUNIA
SSA:2008-045-02
vendor-advisory
x_refsource_SLACKWARE
26636
third-party-advisory
x_refsource_SECUNIA
27563
third-party-advisory
x_refsource_SECUNIA
1018633
vdb-entry
x_refsource_SECTRACK
27732
third-party-advisory
x_refsource_SECUNIA
27209
third-party-advisory
x_refsource_SECUNIA
RHSA-2007:0911
vendor-advisory
x_refsource_REDHAT
[apache-httpd-dev] 20070801 Re: svn commit: r561616 - in /httpd/httpd/trunk: CHANGES modules/proxy/proxy_util.c
mailing-list
x_refsource_MLIST
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
x_refsource_CONFIRM
26790
third-party-advisory
x_refsource_SECUNIA
[apache-httpd-dev] 20070801 Re: svn commit: r561616 - in /httpd/httpd/trunk: CHANGES modules/proxy/proxy_util.c
mailing-list
x_refsource_MLIST
ADV-2008-0924
vdb-entry
x_refsource_VUPEN
http://httpd.apache.org/security/vulnerabilities_20.html
x_refsource_CONFIRM
TA08-150A
third-party-advisory
x_refsource_CERT
SUSE-SA:2007:061
vendor-advisory
x_refsource_SUSE
FEDORA-2007-2214
vendor-advisory
x_refsource_FEDORA
RHSA-2007:0747
vendor-advisory
x_refsource_REDHAT
ADV-2007-3494
vdb-entry
x_refsource_VUPEN
29420
third-party-advisory
x_refsource_SECUNIA
http://httpd.apache.org/security/vulnerabilities_22.html
x_refsource_CONFIRM
https://issues.rpath.com/browse/RPL-1710
x_refsource_CONFIRM
APPLE-SA-2008-03-18
vendor-advisory
x_refsource_APPLE
30430
third-party-advisory
x_refsource_SECUNIA
MDKSA-2007:235
vendor-advisory
x_refsource_MANDRIVA
APPLE-SA-2008-05-28
vendor-advisory
x_refsource_APPLE
http://support.avaya.com/elmodocs2/security/ASA-2007-500.htm
x_refsource_CONFIRM
20090821 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server
mailing-list
x_refsource_BUGTRAQ
28467
third-party-advisory
x_refsource_SECUNIA
ADV-2008-0233
vdb-entry
x_refsource_VUPEN
26722
third-party-advisory
x_refsource_SECUNIA
27971
third-party-advisory
x_refsource_SECUNIA
[security-announce] 20090820 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server
mailing-list
x_refsource_MLIST
27882
third-party-advisory
x_refsource_SECUNIA
GLSA-200711-06
vendor-advisory
x_refsource_GENTOO
ADV-2007-3095
vdb-entry
x_refsource_VUPEN
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951
x_refsource_CONFIRM
http://docs.info.apple.com/article.html?artnum=307562
x_refsource_CONFIRM
RHSA-2007:0746
vendor-advisory
x_refsource_REDHAT
PK50469
vendor-advisory
x_refsource_AIXAPAR
FEDORA-2007-707
vendor-advisory
x_refsource_FEDORA
27593
third-party-advisory
x_refsource_SECUNIA
ADV-2008-1697
vdb-entry
x_refsource_VUPEN
USN-575-1
vendor-advisory
x_refsource_UBUNTU
26842
third-party-advisory
x_refsource_SECUNIA
ADV-2007-3283
vdb-entry
x_refsource_VUPEN
ADV-2007-3020
vdb-entry
x_refsource_VUPEN
25489
vdb-entry
x_refsource_BID
[apache-cvs] 20070801 svn commit: r561616 - in /httpd/httpd/trunk: CHANGES
mailing-list
x_refsource_MLIST
http://bugs.gentoo.org/show_bug.cgi?id=186219
x_refsource_CONFIRM
SSRT071476
vendor-advisory
x_refsource_HP
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now