Vulnerability Description
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Http Server | >= 1.3.28, < 1.3.37 |
| Canonical | Ubuntu Linux | 5.04 |
| Debian | Debian Linux | 3.1 |
Related Weaknesses (CWE)
References
- http://docs.info.apple.com/article.html?artnum=307562 (Third Party Advisory)
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771 (Third Party Advisory)
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449 (Third Party Advisory)
- http://kbase.redhat.com/faq/FAQ_68_8653.shtm (Third Party Advisory)
- http://lists.apple.com/archives/security-announce/2008//May/msg00001.html (Mailing List, Third Party Advisory)
- http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html (Mailing List, Third Party Advisory)
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html (Third Party Advisory)
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html (Mailing List, Third Party Advisory)
- http://lwn.net/Alerts/194228/ (Mailing List, Third Party Advisory)
- http://marc.info/?l=bugtraq&m=130497311408250&w=2 (Mailing List, Third Party Advisory)
- http://secunia.com/advisories/21197 (Broken Link)
- http://secunia.com/advisories/21241 (Broken Link)
- http://secunia.com/advisories/21245 (Broken Link)
- http://secunia.com/advisories/21247 (Broken Link)
- http://secunia.com/advisories/21266 (Broken Link)
FAQ
What is CVE-2006-3747?
CVE-2006-3747 is a vulnerability with a CVSS score of 7.6 (HIGH). Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remo...
How severe is CVE-2006-3747?
CVE-2006-3747 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-3747?
Check the references section above for vendor advisories and patch information. Affected products include: Apache Http Server, Canonical Ubuntu Linux, Debian Debian Linux.