Computer Security
[EN] securityvulns.ru no-pyccku


Apache mod_perl resource exhaustion
Published:01.04.2007
Source:
SecurityVulns ID:7516
Type:library
Threat Level:
5/10
Description:PATH_INFO environment variable is used in regular expressions without scpeial characters escaping.
Affected:APACHE : mod_perl 1.30
 APACHE : mod_perl 2.0
CVE:CVE-2007-1349 (PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod