CVE-2007-1349

Related Files

Ubuntu Security Notice 488-1

Posted Jul 18, 2007

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 488-1 - Alex Solovey discovered that mod_perl did not correctly validate certain regular expression matches. A remote attacker could send a specially crafted request to a web application using mod_perl, causing the web server to monopolize CPU resources. This could lead to a remote denial of service.

tags | advisory, remote, web, denial of service

systems | linux, ubuntu

advisories | CVE-2007-1349

SHA-256 | 2df01f7323baf7e7291455fc97567e8c5c962f1d5a78e8ce77f77a6dec7e440a

Download | Favorite | View

Gentoo Linux Security Advisory 200705-4

Posted May 3, 2007

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200705-04 - Alex Solvey discovered that the path_info variable used in file RegistryCooker.pm (mod_perl 2.x) or file PerlRun.pm (mod_perl 1.x), is not properly escaped before being processed. Versions less than 1.30 are affected.

tags | advisory

systems | linux, gentoo

advisories | CVE-2007-1349

SHA-256 | 9e5a6dcdbd9b47cf10b752a5cf947783beb13a0c3c7d1e64f9432dc44e3893bb

Download | Favorite | View

Mandriva Linux Security Advisory 2007.083

Posted Apr 12, 2007

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - PerlRun.pm in Apache mod_perl 1.30 and earlier, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.

tags | advisory, remote, denial of service

systems | linux, mandriva

advisories | CVE-2007-1349

SHA-256 | 6d4d614a74e77c985f3e66dcfc0f053154819e4a5cc86df37fe5b24b35f311ae

Download | Favorite | View