PT-2006-1096 · Apache+10 · Apache Http Server+10
Alex Nichols +1 · Published 2006-10-31 · Updated 2025-03-17 · CVE-2006-20001
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions:
Apache HTTP Server versions 2.4.54 and earlier
Description:
A carefully crafted If: request header can cause a memory read, or a write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. The issue is also related to a buffer overflow in the mod_dav module, which can allow a remote attacker to cause a denial of service.
Recommendations:
For Apache HTTP Server versions 2.4.54 and earlier, update to a version later than 2.4.54 to resolve the issue. As a temporary workaround, consider restricting access to the If: request header to minimize the risk of exploitation. Restricting access to the mod_dav module can also help mitigate the risk of a denial-of-service attack.
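One way to express the temporary workarounds above in httpd configuration, as an added example that is not part of the original advisory or the Apache project's guidance. The `/dav` location, the `192.0.2.0/24` range and the password file path are assumed placeholders, and the optional `RequestHeader` line assumes mod_headers is loaded and that clients of this location do not rely on WebDAV locking.

```apache
# Added example. /dav, 192.0.2.0/24 and the htpasswd path are placeholders.

# Weak setting (shown commented out): WebDAV is enabled with no access
# control, so any remote client can send requests that mod_dav handles.
#<Location "/dav">
#    Dav On
#</Location>

# Restricted setting: only authenticated users from a trusted network
# pass the access checks, which run before the mod_dav handler.
<Location "/dav">
    Dav On
    AuthType Basic
    AuthName "WebDAV"
    AuthUserFile "/etc/apache2/dav.htpasswd"
    <RequireAll>
        Require ip 192.0.2.0/24
        Require valid-user
    </RequireAll>

    # Optional (assumption: clients here never send lock tokens or
    # conditional WebDAV requests). mod_headers applies this in the
    # fixup phase, before the handler sees the request.
    #RequestHeader unset If
</Location>

# Where WebDAV is not needed at all, leave the modules unloaded:
#LoadModule dav_module modules/mod_dav.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
```

Validate the result with `apachectl configtest` before reloading. This only narrows who can reach mod_dav until the update to a version later than 2.4.54 is installed.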
Exploit
Fix
Out of bounds Read
Memory Corruption
Affected Products
Alt Linux
Almalinux
Apache Http Server
Astra Linux
Centos
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu