Alex Solovey

Name of the Vulnerable Software and Affected Versions: mod perl versions prior to 1.30 mod perl 2.x Description: The issue arises from insufficient input validation in the PerlRun.pm and RegistryCooker.pm components of the Apache mod perl module. This allows remote attackers to cause a denial of service, specifically resource consumption, by crafting a malicious URI. The exploitation of this issue can lead to a denial of service. Recommendations: For mod perl versions prior to 1.30, update to version 1.30 or later to resolve the issue. For mod perl 2.x, consider disabling the PerlRun.pm and RegistryCooker.pm components until a patch is available. Restrict access to these components to minimize the risk of exploitation.