2017-10-16 12:31:07 -04:00
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org" ,
"ID" : "CVE-2006-3747" ,
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a" ,
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
} ,
"vendor_name" : "n/a"
}
]
}
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
"value" : "Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules."
}
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "n/a"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
2018-04-05 09:33:01 -04:00
"name" : "20060728 Apache mod_rewrite Buffer Overflow Vulnerability" ,
"refsource" : "BUGTRAQ" ,
2018-10-17 17:05:08 -04:00
"url" : "http://www.securityfocus.com/archive/1/441487/100/0/threaded"
2017-10-16 12:31:07 -04:00
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "20060728 [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released" ,
"refsource" : "BUGTRAQ" ,
2018-10-17 17:05:08 -04:00
"url" : "http://www.securityfocus.com/archive/1/441485/100/0/threaded"
2017-10-16 12:31:07 -04:00
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "20060728 rPSA-2006-0139-1 httpd mod_ssl" ,
"refsource" : "BUGTRAQ" ,
2018-10-17 17:05:08 -04:00
"url" : "http://www.securityfocus.com/archive/1/441526/100/200/threaded"
2017-10-16 12:31:07 -04:00
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "20060820 POC & exploit for Apache mod_rewrite off-by-one" ,
"refsource" : "BUGTRAQ" ,
2018-10-17 17:05:08 -04:00
"url" : "http://www.securityfocus.com/archive/1/443870/100/0/threaded"
2017-10-16 12:31:07 -04:00
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "20060728 Apache 1.3.29/2.X mod_rewrite Buffer Overflow Vulnerability CVE-2006-3747" ,
"refsource" : "FULLDISC" ,
2017-10-16 12:31:07 -04:00
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "20060728 [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released" ,
"refsource" : "FULLDISC" ,
2017-10-16 12:31:07 -04:00
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "http://kbase.redhat.com/faq/FAQ_68_8653.shtm" ,
"refsource" : "MISC" ,
2017-10-16 12:31:07 -04:00
"url" : "http://kbase.redhat.com/faq/FAQ_68_8653.shtm"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "http://svn.apache.org/viewvc?view=rev&revision=426144" ,
"refsource" : "MISC" ,
2017-10-16 12:31:07 -04:00
"url" : "http://svn.apache.org/viewvc?view=rev&revision=426144"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "http://www.apache.org/dist/httpd/Announcement2.0.html" ,
"refsource" : "CONFIRM" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.apache.org/dist/httpd/Announcement2.0.html"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "https://issues.rpath.com/browse/RPL-538" ,
"refsource" : "CONFIRM" ,
2017-10-16 12:31:07 -04:00
"url" : "https://issues.rpath.com/browse/RPL-538"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117" ,
"refsource" : "CONFIRM" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg27007951" ,
"refsource" : "CONFIRM" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg27007951"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "http://docs.info.apple.com/article.html?artnum=307562" ,
"refsource" : "CONFIRM" ,
2017-10-16 12:31:07 -04:00
"url" : "http://docs.info.apple.com/article.html?artnum=307562"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "APPLE-SA-2008-03-18" ,
"refsource" : "APPLE" ,
2017-10-16 12:31:07 -04:00
"url" : "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "APPLE-SA-2008-05-28" ,
"refsource" : "APPLE" ,
2017-10-16 12:31:07 -04:00
"url" : "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "HPSBMA02250" ,
"refsource" : "HP" ,
2017-10-16 12:31:07 -04:00
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "SSRT061275" ,
"refsource" : "HP" ,
2017-10-16 12:31:07 -04:00
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "HPSBMA02328" ,
"refsource" : "HP" ,
2017-10-16 12:31:07 -04:00
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "SSRT071293" ,
"refsource" : "HP" ,
2017-10-16 12:31:07 -04:00
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "HPSBOV02683" ,
"refsource" : "HP" ,
2017-10-16 12:31:07 -04:00
"url" : "http://marc.info/?l=bugtraq&m=130497311408250&w=2"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "SSRT090208" ,
"refsource" : "HP" ,
2017-10-16 12:31:07 -04:00
"url" : "http://marc.info/?l=bugtraq&m=130497311408250&w=2"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "TA08-150A" ,
"refsource" : "CERT" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "VU#395412" ,
"refsource" : "CERT-VN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.kb.cert.org/vuls/id/395412"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "PK27875" ,
"refsource" : "AIXAPAR" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg24013080"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "PK29154" ,
"refsource" : "AIXAPAR" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "PK29156" ,
"refsource" : "AIXAPAR" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "DSA-1131" ,
"refsource" : "DEBIAN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.debian.org/security/2006/dsa-1131"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "DSA-1132" ,
"refsource" : "DEBIAN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.debian.org/security/2006/dsa-1132"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "GLSA-200608-01" ,
"refsource" : "GENTOO" ,
2017-10-16 12:31:07 -04:00
"url" : "http://security.gentoo.org/glsa/glsa-200608-01.xml"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "HPSBUX02145" ,
"refsource" : "HP" ,
2018-10-17 17:05:08 -04:00
"url" : "http://www.securityfocus.com/archive/1/445206/100/0/threaded"
2017-10-16 12:31:07 -04:00
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "SSRT061202" ,
"refsource" : "HP" ,
2018-10-17 17:05:08 -04:00
"url" : "http://www.securityfocus.com/archive/1/445206/100/0/threaded"
2017-10-16 12:31:07 -04:00
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "HPSBUX02164" ,
"refsource" : "HP" ,
2018-10-17 17:05:08 -04:00
"url" : "http://www.securityfocus.com/archive/1/450321/100/0/threaded"
2017-10-16 12:31:07 -04:00
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "SSRT061265" ,
"refsource" : "HP" ,
2018-10-17 17:05:08 -04:00
"url" : "http://www.securityfocus.com/archive/1/450321/100/0/threaded"
2017-10-16 12:31:07 -04:00
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "MDKSA-2006:133" ,
"refsource" : "MANDRIVA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:133"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "OpenPKG-SA-2006.015" ,
"refsource" : "OPENPKG" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "102662" ,
"refsource" : "SUNALERT" ,
2017-10-16 12:31:07 -04:00
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "102663" ,
"refsource" : "SUNALERT" ,
2017-10-16 12:31:07 -04:00
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "SUSE-SA:2006:043" ,
"refsource" : "SUSE" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.novell.com/linux/security/advisories/2006_43_apache.html"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "2006-0044" ,
"refsource" : "TRUSTIX" ,
2017-10-16 12:31:07 -04:00
"url" : "http://lwn.net/Alerts/194228/"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "USN-328-1" ,
"refsource" : "UBUNTU" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.ubuntu.com/usn/usn-328-1"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "19204" ,
"refsource" : "BID" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.securityfocus.com/bid/19204"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "ADV-2006-3017" ,
"refsource" : "VUPEN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.vupen.com/english/advisories/2006/3017"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "ADV-2006-3264" ,
"refsource" : "VUPEN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.vupen.com/english/advisories/2006/3264"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "ADV-2006-3282" ,
"refsource" : "VUPEN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.vupen.com/english/advisories/2006/3282"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "ADV-2006-3884" ,
"refsource" : "VUPEN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.vupen.com/english/advisories/2006/3884"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "ADV-2006-3995" ,
"refsource" : "VUPEN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.vupen.com/english/advisories/2006/3995"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "ADV-2006-4015" ,
"refsource" : "VUPEN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.vupen.com/english/advisories/2006/4015"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "ADV-2006-4207" ,
"refsource" : "VUPEN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.vupen.com/english/advisories/2006/4207"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "ADV-2006-4300" ,
"refsource" : "VUPEN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.vupen.com/english/advisories/2006/4300"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "ADV-2006-4868" ,
"refsource" : "VUPEN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.vupen.com/english/advisories/2006/4868"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "ADV-2007-2783" ,
"refsource" : "VUPEN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.vupen.com/english/advisories/2007/2783"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "ADV-2008-0924" ,
"refsource" : "VUPEN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.vupen.com/english/advisories/2008/0924/references"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "ADV-2008-1246" ,
"refsource" : "VUPEN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.vupen.com/english/advisories/2008/1246/references"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "ADV-2008-1697" ,
"refsource" : "VUPEN" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.vupen.com/english/advisories/2008/1697"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "27588" ,
"refsource" : "OSVDB" ,
2017-10-16 12:31:07 -04:00
"url" : "http://www.osvdb.org/27588"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "1016601" ,
"refsource" : "SECTRACK" ,
2017-10-16 12:31:07 -04:00
"url" : "http://securitytracker.com/id?1016601"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "21197" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/21197"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "21241" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/21241"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "21245" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/21245"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "21266" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/21266"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "21273" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/21273"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "21284" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/21284"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "21313" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/21313"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "21307" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/21307"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "21315" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/21315"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "21247" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/21247"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "21478" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/21478"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "21509" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/21509"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "22262" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/22262"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "22368" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/22368"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "22388" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/22388"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "22523" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/22523"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "23028" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/23028"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "23260" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/23260"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "21346" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/21346"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "26329" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/26329"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "29420" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/29420"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "29849" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/29849"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "30430" ,
"refsource" : "SECUNIA" ,
2017-10-16 12:31:07 -04:00
"url" : "http://secunia.com/advisories/30430"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "1312" ,
"refsource" : "SREASON" ,
2017-10-16 12:31:07 -04:00
"url" : "http://securityreason.com/securityalert/1312"
} ,
{
2018-04-05 09:33:01 -04:00
"name" : "apache-modrewrite-offbyone-bo(28063)" ,
"refsource" : "XF" ,
2017-10-16 12:31:07 -04:00
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28063"
}
]
}
}
