CVE-2005-2728 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2005-2728
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-2728

Description: The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/22006 UBUNTU http://www.ubuntu.com/usn/usn-177-1 TRUSTIX http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html SUSE http://www.novell.com/linux/security/advisories/2005_51_apache2.html http://www.novell.com/linux/security/advisories/2005_52_apache2.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1 SREASON http://securityreason.com/securityalert/604 SGI SAID Secunia Advisory: SA16743 Secunia Advisory: SA16746 Secunia Advisory: SA16753 Secunia Advisory: SA16754 Secunia Advisory: SA16769 Secunia Advisory: SA16559 Secunia Advisory: SA16705 Secunia Advisory: SA16714 Secunia Advisory: SA16789 Secunia Advisory: SA16956 Secunia Advisory: SA17036 Secunia Advisory: SA17288 Secunia Advisory: SA17600 Secunia Advisory: SA17831 Secunia Advisory: SA17923 Secunia Advisory: SA18161 Secunia Advisory: SA18333 Secunia Advisory: SA18517 Secunia Advisory: SA19072 REDHAT http://www.redhat.com/support/errata/RHSA-2005-608.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1727 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1246 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:760 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2005:161 HP http://www.securityfocus.com/archive/1/archive/1/428138/100/0/threaded GENTOO http://www.gentoo.org/security/en/glsa/glsa-200508-15.xml DEBIAN http://www.debian.org/security/2005/dsa-805 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm http://issues.apache.org/bugzilla/show_bug.cgi?id=29962 BID 14660

Return to the previous page.