7.6
HIGH
CVE-2006-3747
Apache mod_rewrite LDAP Scheme Off-by-One Vulnerability (Deserialization)
Description

Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.

INFO

Published Date :

July 28, 2006, 6:02 p.m.

Last Modified :

Feb. 13, 2023, 2:16 a.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

10.0

Exploitability Score :

4.9
Public PoC/Exploit Available at Github

CVE-2006-3747 has a 2 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2006-3747 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Canonical ubuntu_linux
1 Debian debian_linux
1 Apache http_server
: Total Affected Vendor : 3 | Products : 3
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2006-3747.

URL Resource
http://docs.info.apple.com/article.html?artnum=307562 Third Party Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771 Third Party Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449 Third Party Advisory
http://kbase.redhat.com/faq/FAQ_68_8653.shtm Third Party Advisory
http://lists.apple.com/archives/security-announce/2008//May/msg00001.html Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html Mailing List Third Party Advisory
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html Third Party Advisory
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html Mailing List Third Party Advisory
http://lwn.net/Alerts/194228/ Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=130497311408250&w=2 Mailing List Third Party Advisory
http://secunia.com/advisories/21197 Broken Link
http://secunia.com/advisories/21241 Broken Link
http://secunia.com/advisories/21245 Broken Link
http://secunia.com/advisories/21247 Broken Link
http://secunia.com/advisories/21266 Broken Link
http://secunia.com/advisories/21273 Broken Link
http://secunia.com/advisories/21284 Broken Link
http://secunia.com/advisories/21307 Broken Link
http://secunia.com/advisories/21313 Broken Link
http://secunia.com/advisories/21315 Broken Link
http://secunia.com/advisories/21346 Broken Link
http://secunia.com/advisories/21478 Broken Link
http://secunia.com/advisories/21509 Broken Link
http://secunia.com/advisories/22262 Broken Link
http://secunia.com/advisories/22368 Broken Link
http://secunia.com/advisories/22388 Broken Link
http://secunia.com/advisories/22523 Broken Link
http://secunia.com/advisories/23028 Broken Link
http://secunia.com/advisories/23260 Broken Link
http://secunia.com/advisories/26329 Broken Link
http://secunia.com/advisories/29420 Broken Link
http://secunia.com/advisories/29849 Broken Link
http://secunia.com/advisories/30430 Broken Link
http://security.gentoo.org/glsa/glsa-200608-01.xml Third Party Advisory
http://securityreason.com/securityalert/1312 Third Party Advisory
http://securitytracker.com/id?1016601 Third Party Advisory VDB Entry
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1 Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1 Broken Link
http://svn.apache.org/viewvc?view=rev&revision=426144 Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154 Third Party Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156 Third Party Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg24013080 Third Party Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg27007951 Third Party Advisory
http://www.apache.org/dist/httpd/Announcement2.0.html Patch Vendor Advisory
http://www.debian.org/security/2006/dsa-1131 Patch Third Party Advisory
http://www.debian.org/security/2006/dsa-1132 Patch Third Party Advisory
http://www.kb.cert.org/vuls/id/395412 Third Party Advisory US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2006:133 Broken Link
http://www.novell.com/linux/security/advisories/2006_43_apache.html Third Party Advisory
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html Third Party Advisory
http://www.osvdb.org/27588 Broken Link
http://www.securityfocus.com/archive/1/441485/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/441487/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/441526/100/200/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/443870/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/445206/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/450321/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/19204 Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-328-1 Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA08-150A.html Third Party Advisory US Government Resource
http://www.vupen.com/english/advisories/2006/3017 Permissions Required
http://www.vupen.com/english/advisories/2006/3264 Permissions Required
http://www.vupen.com/english/advisories/2006/3282 Permissions Required
http://www.vupen.com/english/advisories/2006/3884 Permissions Required
http://www.vupen.com/english/advisories/2006/3995 Permissions Required
http://www.vupen.com/english/advisories/2006/4015 Permissions Required
http://www.vupen.com/english/advisories/2006/4207 Permissions Required
http://www.vupen.com/english/advisories/2006/4300 Permissions Required
http://www.vupen.com/english/advisories/2006/4868 Permissions Required
http://www.vupen.com/english/advisories/2007/2783 Permissions Required
http://www.vupen.com/english/advisories/2008/0924/references Permissions Required
http://www.vupen.com/english/advisories/2008/1246/references Permissions Required
http://www.vupen.com/english/advisories/2008/1697 Permissions Required
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/28063 Third Party Advisory VDB Entry
https://issues.rpath.com/browse/RPL-538 Broken Link
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Profile Photo
CVEDB/awesome-cve-repo

None

Shell

Updated: 1 week, 4 days ago
3 stars 2 fork 2 watcher
Born at : March 23, 2023, 4:32 a.m. This repo has been linked 435 different CVEs too.
Profile Photo
defensahacker/CVE-2006-3747

Information about my advisory on CVE-2006-3747 (Apache mod_rewrite LDAP off-by-one buffer overflow).. At the time, it was the first public working exploit :)

buffer-overflow buffer-overflow-attack pentesting apache

HTML Shell

Updated: 3 years, 6 months ago
2 stars 2 fork 2 watcher
Born at : Nov. 26, 2016, 12:20 a.m. This repo has been linked 1 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2006-3747 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2006-3747 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Feb. 13, 2023

    Action Type Old Value New Value
    Removed Reference https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E [Vendor Advisory]
    Removed Reference https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E [Vendor Advisory]
    Removed Reference https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E [Vendor Advisory]
    Removed Reference https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E [Vendor Advisory]
    Removed Reference https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E [Vendor Advisory]
    Removed Reference https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E [Vendor Advisory]
    Removed Reference https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E [Vendor Advisory]
    Removed Reference https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E [Vendor Advisory]
    Removed Reference https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E [Vendor Advisory]
    Removed Reference https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E [Vendor Advisory]
    Removed Reference https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E [Vendor Advisory]
    Removed Reference https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E [Vendor Advisory]
    Removed Reference https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E [Vendor Advisory]
    Removed Reference https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E [Vendor Advisory]
    Added Reference https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E [No Types Assigned]
  • Modified Analysis by [email protected]

    Jan. 19, 2023

    Action Type Old Value New Value
    Changed Reference Type http://docs.info.apple.com/article.html?artnum=307562 No Types Assigned http://docs.info.apple.com/article.html?artnum=307562 Third Party Advisory
    Changed Reference Type http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771 No Types Assigned http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771 Third Party Advisory
    Changed Reference Type http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449 No Types Assigned http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449 Third Party Advisory
    Changed Reference Type http://kbase.redhat.com/faq/FAQ_68_8653.shtm No Types Assigned http://kbase.redhat.com/faq/FAQ_68_8653.shtm Third Party Advisory
    Changed Reference Type http://lists.apple.com/archives/security-announce/2008//May/msg00001.html No Types Assigned http://lists.apple.com/archives/security-announce/2008//May/msg00001.html Mailing List, Third Party Advisory
    Changed Reference Type http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html No Types Assigned http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html Mailing List, Third Party Advisory
    Changed Reference Type http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html No Types Assigned http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html Third Party Advisory
    Changed Reference Type http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html No Types Assigned http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html Mailing List, Third Party Advisory
    Changed Reference Type http://lwn.net/Alerts/194228/ No Types Assigned http://lwn.net/Alerts/194228/ Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=130497311408250&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=130497311408250&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/21197 Vendor Advisory http://secunia.com/advisories/21197 Broken Link
    Changed Reference Type http://secunia.com/advisories/21241 Vendor Advisory http://secunia.com/advisories/21241 Broken Link
    Changed Reference Type http://secunia.com/advisories/21245 Vendor Advisory http://secunia.com/advisories/21245 Broken Link
    Changed Reference Type http://secunia.com/advisories/21247 Vendor Advisory http://secunia.com/advisories/21247 Broken Link
    Changed Reference Type http://secunia.com/advisories/21266 Vendor Advisory http://secunia.com/advisories/21266 Broken Link
    Changed Reference Type http://secunia.com/advisories/21273 Vendor Advisory http://secunia.com/advisories/21273 Broken Link
    Changed Reference Type http://secunia.com/advisories/21284 Vendor Advisory http://secunia.com/advisories/21284 Broken Link
    Changed Reference Type http://secunia.com/advisories/21307 Vendor Advisory http://secunia.com/advisories/21307 Broken Link
    Changed Reference Type http://secunia.com/advisories/21313 Vendor Advisory http://secunia.com/advisories/21313 Broken Link
    Changed Reference Type http://secunia.com/advisories/21315 Vendor Advisory http://secunia.com/advisories/21315 Broken Link
    Changed Reference Type http://secunia.com/advisories/21346 Vendor Advisory http://secunia.com/advisories/21346 Broken Link
    Changed Reference Type http://secunia.com/advisories/21478 Vendor Advisory http://secunia.com/advisories/21478 Broken Link
    Changed Reference Type http://secunia.com/advisories/21509 Vendor Advisory http://secunia.com/advisories/21509 Broken Link
    Changed Reference Type http://secunia.com/advisories/22262 Vendor Advisory http://secunia.com/advisories/22262 Broken Link
    Changed Reference Type http://secunia.com/advisories/22368 Vendor Advisory http://secunia.com/advisories/22368 Broken Link
    Changed Reference Type http://secunia.com/advisories/22388 Vendor Advisory http://secunia.com/advisories/22388 Broken Link
    Changed Reference Type http://secunia.com/advisories/22523 Vendor Advisory http://secunia.com/advisories/22523 Broken Link
    Changed Reference Type http://secunia.com/advisories/23028 Vendor Advisory http://secunia.com/advisories/23028 Broken Link
    Changed Reference Type http://secunia.com/advisories/23260 Vendor Advisory http://secunia.com/advisories/23260 Broken Link
    Changed Reference Type http://secunia.com/advisories/26329 No Types Assigned http://secunia.com/advisories/26329 Broken Link
    Changed Reference Type http://secunia.com/advisories/29420 No Types Assigned http://secunia.com/advisories/29420 Broken Link
    Changed Reference Type http://secunia.com/advisories/29849 No Types Assigned http://secunia.com/advisories/29849 Broken Link
    Changed Reference Type http://secunia.com/advisories/30430 No Types Assigned http://secunia.com/advisories/30430 Broken Link
    Changed Reference Type http://security.gentoo.org/glsa/glsa-200608-01.xml No Types Assigned http://security.gentoo.org/glsa/glsa-200608-01.xml Third Party Advisory
    Changed Reference Type http://securityreason.com/securityalert/1312 No Types Assigned http://securityreason.com/securityalert/1312 Third Party Advisory
    Changed Reference Type http://securitytracker.com/id?1016601 No Types Assigned http://securitytracker.com/id?1016601 Third Party Advisory, VDB Entry
    Changed Reference Type http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1 No Types Assigned http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1 Broken Link
    Changed Reference Type http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1 No Types Assigned http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1 Broken Link
    Changed Reference Type http://svn.apache.org/viewvc?view=rev&revision=426144 No Types Assigned http://svn.apache.org/viewvc?view=rev&revision=426144 Vendor Advisory
    Changed Reference Type http://www.debian.org/security/2006/dsa-1131 Patch http://www.debian.org/security/2006/dsa-1131 Patch, Third Party Advisory
    Changed Reference Type http://www.debian.org/security/2006/dsa-1132 Patch http://www.debian.org/security/2006/dsa-1132 Patch, Third Party Advisory
    Changed Reference Type http://www.kb.cert.org/vuls/id/395412 US Government Resource http://www.kb.cert.org/vuls/id/395412 Third Party Advisory, US Government Resource
    Changed Reference Type http://www.mandriva.com/security/advisories?name=MDKSA-2006:133 No Types Assigned http://www.mandriva.com/security/advisories?name=MDKSA-2006:133 Broken Link
    Changed Reference Type http://www.novell.com/linux/security/advisories/2006_43_apache.html No Types Assigned http://www.novell.com/linux/security/advisories/2006_43_apache.html Third Party Advisory
    Changed Reference Type http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html No Types Assigned http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html Third Party Advisory
    Changed Reference Type http://www.osvdb.org/27588 No Types Assigned http://www.osvdb.org/27588 Broken Link
    Changed Reference Type http://www.securityfocus.com/archive/1/441485/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/441485/100/0/threaded Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securityfocus.com/archive/1/441487/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/441487/100/0/threaded Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securityfocus.com/archive/1/441526/100/200/threaded No Types Assigned http://www.securityfocus.com/archive/1/441526/100/200/threaded Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securityfocus.com/archive/1/443870/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/443870/100/0/threaded Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securityfocus.com/archive/1/445206/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/445206/100/0/threaded Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securityfocus.com/archive/1/450321/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/450321/100/0/threaded Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securityfocus.com/bid/19204 No Types Assigned http://www.securityfocus.com/bid/19204 Third Party Advisory, VDB Entry
    Changed Reference Type http://www.ubuntu.com/usn/usn-328-1 No Types Assigned http://www.ubuntu.com/usn/usn-328-1 Third Party Advisory
    Changed Reference Type http://www.us-cert.gov/cas/techalerts/TA08-150A.html US Government Resource http://www.us-cert.gov/cas/techalerts/TA08-150A.html Third Party Advisory, US Government Resource
    Changed Reference Type http://www.vupen.com/english/advisories/2006/3017 No Types Assigned http://www.vupen.com/english/advisories/2006/3017 Permissions Required
    Changed Reference Type http://www.vupen.com/english/advisories/2006/3264 No Types Assigned http://www.vupen.com/english/advisories/2006/3264 Permissions Required
    Changed Reference Type http://www.vupen.com/english/advisories/2006/3282 No Types Assigned http://www.vupen.com/english/advisories/2006/3282 Permissions Required
    Changed Reference Type http://www.vupen.com/english/advisories/2006/3884 No Types Assigned http://www.vupen.com/english/advisories/2006/3884 Permissions Required
    Changed Reference Type http://www.vupen.com/english/advisories/2006/3995 No Types Assigned http://www.vupen.com/english/advisories/2006/3995 Permissions Required
    Changed Reference Type http://www.vupen.com/english/advisories/2006/4015 No Types Assigned http://www.vupen.com/english/advisories/2006/4015 Permissions Required
    Changed Reference Type http://www.vupen.com/english/advisories/2006/4207 No Types Assigned http://www.vupen.com/english/advisories/2006/4207 Permissions Required
    Changed Reference Type http://www.vupen.com/english/advisories/2006/4300 No Types Assigned http://www.vupen.com/english/advisories/2006/4300 Permissions Required
    Changed Reference Type http://www.vupen.com/english/advisories/2006/4868 No Types Assigned http://www.vupen.com/english/advisories/2006/4868 Permissions Required
    Changed Reference Type http://www.vupen.com/english/advisories/2007/2783 No Types Assigned http://www.vupen.com/english/advisories/2007/2783 Permissions Required
    Changed Reference Type http://www.vupen.com/english/advisories/2008/0924/references No Types Assigned http://www.vupen.com/english/advisories/2008/0924/references Permissions Required
    Changed Reference Type http://www.vupen.com/english/advisories/2008/1246/references No Types Assigned http://www.vupen.com/english/advisories/2008/1246/references Permissions Required
    Changed Reference Type http://www.vupen.com/english/advisories/2008/1697 No Types Assigned http://www.vupen.com/english/advisories/2008/1697 Permissions Required
    Changed Reference Type http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154 No Types Assigned http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154 Third Party Advisory
    Changed Reference Type http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156 No Types Assigned http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156 Third Party Advisory
    Changed Reference Type http://www-1.ibm.com/support/docview.wss?uid=swg24013080 No Types Assigned http://www-1.ibm.com/support/docview.wss?uid=swg24013080 Third Party Advisory
    Changed Reference Type http://www-1.ibm.com/support/docview.wss?uid=swg27007951 No Types Assigned http://www-1.ibm.com/support/docview.wss?uid=swg27007951 Third Party Advisory
    Changed Reference Type http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 No Types Assigned http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 Third Party Advisory
    Changed Reference Type https://exchange.xforce.ibmcloud.com/vulnerabilities/28063 No Types Assigned https://exchange.xforce.ibmcloud.com/vulnerabilities/28063 Third Party Advisory, VDB Entry
    Changed Reference Type https://issues.rpath.com/browse/RPL-538 No Types Assigned https://issues.rpath.com/browse/RPL-538 Broken Link
    Changed Reference Type https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E Vendor Advisory
    Changed Reference Type https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E Vendor Advisory
    Changed Reference Type https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E Vendor Advisory
    Changed Reference Type https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E Vendor Advisory
    Changed Reference Type https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E Vendor Advisory
    Changed Reference Type https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E Vendor Advisory
    Changed Reference Type https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E Vendor Advisory
    Changed Reference Type https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E Vendor Advisory
    Changed Reference Type https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E Vendor Advisory
    Changed Reference Type https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E Vendor Advisory
    Changed Reference Type https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E Vendor Advisory
    Changed Reference Type https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E Vendor Advisory
    Changed Reference Type https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E Vendor Advisory
    Changed Reference Type https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E Vendor Advisory
    Changed CPE Configuration OR *cpe:2.3:a:apache:http_server:1.3.3:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.5:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.6:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.7:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.7:*:dev:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.8:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.9:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.30:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.32:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.33:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.54:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.55:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.56:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.57:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.58:*:*:*:*:*:*:* OR *cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* versions from (including) 1.3.28 up to (excluding) 1.3.37 *cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* versions from (including) 2.0.46 up to (excluding) 2.0.59 *cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* versions from (including) 2.2.0 up to (excluding) 2.2.3
    Changed CPE Configuration OR *cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:*:*:*:*:*:* *cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:*:*:*:*:*:* *cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:*:*:*:*:*:* OR *cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:* *cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:* *cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Jun. 06, 2021

    Action Type Old Value New Value
    Added Reference https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
  • CVE Modified by [email protected]

    Mar. 30, 2021

    Action Type Old Value New Value
    Added Reference https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
  • CVE Modified by [email protected]

    Apr. 01, 2020

    Action Type Old Value New Value
    Added Reference https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
  • CVE Modified by [email protected]

    Apr. 01, 2020

    Action Type Old Value New Value
    Added Reference https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
  • CVE Modified by [email protected]

    Aug. 15, 2019

    Action Type Old Value New Value
    Added Reference https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
    Added Reference https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 17, 2018

    Action Type Old Value New Value
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/445206/100/0/threaded [No Types Assigned]
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/450321/100/0/threaded [No Types Assigned]
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/441485/100/0/threaded [No Types Assigned]
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/441526/100/200/threaded [No Types Assigned]
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/443870/100/0/threaded [No Types Assigned]
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/441487/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/450321/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/445206/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/443870/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/441526/100/200/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/441487/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/441485/100/0/threaded [No Types Assigned]
  • CVE Modified by [email protected]

    Jul. 20, 2017

    Action Type Old Value New Value
    Removed Reference http://xforce.iss.net/xforce/xfdb/28063 [No Types Assigned]
    Added Reference https://exchange.xforce.ibmcloud.com/vulnerabilities/28063 [No Types Assigned]
  • Initial Analysis by [email protected]

    Jul. 31, 2006

    Action Type Old Value New Value
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2006-3747 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2006-3747 weaknesses.

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

97.43 }} 0.03%

score

0.99941

percentile

CVSS2 - Vulnerability Scoring System
Access Vector
Access Complexity
Authentication
Confidentiality
Integrity
Availability
: