CVE-2006-3747
Apache mod_rewrite LDAP Scheme Off-by-One Vulnerability (Deserialization)
Description
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
INFO
Published Date :
July 28, 2006, 6:02 p.m.
Last Modified :
April 3, 2025, 1:03 a.m.
Source :
[email protected]
Remotely Exploitable :
Yes !
Impact Score :
10.0
Exploitability Score :
4.9
Public PoC/Exploit Available at Github
CVE-2006-3747 has a 1 public PoC/Exploit
available at Github.
Go to the Public Exploits
tab to see the list.
Affected Products
The following products are affected by CVE-2006-3747
vulnerability.
Even if cvefeed.io
is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2006-3747
.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Information about my advisory on CVE-2006-3747 (Apache mod_rewrite LDAP off-by-one buffer overflow).. At the time, it was the first public working exploit :)
buffer-overflow buffer-overflow-attack pentesting apache
HTML Shell
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2006-3747
vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2006-3747
vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
CVE Modified by af854a3a-2127-422b-91ae-364da2661108
Nov. 21, 2024
Action Type Old Value New Value Added Reference http://docs.info.apple.com/article.html?artnum=307562 Added Reference http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771 Added Reference http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771 Added Reference http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449 Added Reference http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449 Added Reference http://kbase.redhat.com/faq/FAQ_68_8653.shtm Added Reference http://lists.apple.com/archives/security-announce/2008//May/msg00001.html Added Reference http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html Added Reference http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html Added Reference http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html Added Reference http://lwn.net/Alerts/194228/ Added Reference http://marc.info/?l=bugtraq&m=130497311408250&w=2 Added Reference http://marc.info/?l=bugtraq&m=130497311408250&w=2 Added Reference http://secunia.com/advisories/21197 Added Reference http://secunia.com/advisories/21241 Added Reference http://secunia.com/advisories/21245 Added Reference http://secunia.com/advisories/21247 Added Reference http://secunia.com/advisories/21266 Added Reference http://secunia.com/advisories/21273 Added Reference http://secunia.com/advisories/21284 Added Reference http://secunia.com/advisories/21307 Added Reference http://secunia.com/advisories/21313 Added Reference http://secunia.com/advisories/21315 Added Reference http://secunia.com/advisories/21346 Added Reference http://secunia.com/advisories/21478 Added Reference http://secunia.com/advisories/21509 Added Reference http://secunia.com/advisories/22262 Added Reference http://secunia.com/advisories/22368 Added Reference http://secunia.com/advisories/22388 Added Reference http://secunia.com/advisories/22523 Added Reference http://secunia.com/advisories/23028 Added Reference http://secunia.com/advisories/23260 Added Reference http://secunia.com/advisories/26329 Added Reference http://secunia.com/advisories/29420 Added Reference http://secunia.com/advisories/29849 Added Reference http://secunia.com/advisories/30430 Added Reference http://security.gentoo.org/glsa/glsa-200608-01.xml Added Reference http://securityreason.com/securityalert/1312 Added Reference http://securitytracker.com/id?1016601 Added Reference http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1 Added Reference http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1 Added Reference http://svn.apache.org/viewvc?view=rev&revision=426144 Added Reference http://www.apache.org/dist/httpd/Announcement2.0.html Added Reference http://www.debian.org/security/2006/dsa-1131 Added Reference http://www.debian.org/security/2006/dsa-1132 Added Reference http://www.kb.cert.org/vuls/id/395412 Added Reference http://www.mandriva.com/security/advisories?name=MDKSA-2006:133 Added Reference http://www.novell.com/linux/security/advisories/2006_43_apache.html Added Reference http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html Added Reference http://www.osvdb.org/27588 Added Reference http://www.securityfocus.com/archive/1/441485/100/0/threaded Added Reference http://www.securityfocus.com/archive/1/441487/100/0/threaded Added Reference http://www.securityfocus.com/archive/1/441526/100/200/threaded Added Reference http://www.securityfocus.com/archive/1/443870/100/0/threaded Added Reference http://www.securityfocus.com/archive/1/445206/100/0/threaded Added Reference http://www.securityfocus.com/archive/1/445206/100/0/threaded Added Reference http://www.securityfocus.com/archive/1/450321/100/0/threaded Added Reference http://www.securityfocus.com/archive/1/450321/100/0/threaded Added Reference http://www.securityfocus.com/bid/19204 Added Reference http://www.ubuntu.com/usn/usn-328-1 Added Reference http://www.us-cert.gov/cas/techalerts/TA08-150A.html Added Reference http://www.vupen.com/english/advisories/2006/3017 Added Reference http://www.vupen.com/english/advisories/2006/3264 Added Reference http://www.vupen.com/english/advisories/2006/3282 Added Reference http://www.vupen.com/english/advisories/2006/3884 Added Reference http://www.vupen.com/english/advisories/2006/3995 Added Reference http://www.vupen.com/english/advisories/2006/4015 Added Reference http://www.vupen.com/english/advisories/2006/4207 Added Reference http://www.vupen.com/english/advisories/2006/4300 Added Reference http://www.vupen.com/english/advisories/2006/4868 Added Reference http://www.vupen.com/english/advisories/2007/2783 Added Reference http://www.vupen.com/english/advisories/2008/0924/references Added Reference http://www.vupen.com/english/advisories/2008/1246/references Added Reference http://www.vupen.com/english/advisories/2008/1697 Added Reference http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154 Added Reference http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156 Added Reference http://www-1.ibm.com/support/docview.wss?uid=swg24013080 Added Reference http://www-1.ibm.com/support/docview.wss?uid=swg27007951 Added Reference http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 Added Reference https://exchange.xforce.ibmcloud.com/vulnerabilities/28063 Added Reference https://issues.rpath.com/browse/RPL-538 Added Reference https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E Added Reference https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E Added Reference https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E Added Reference https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E Added Reference https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E Added Reference https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E Added Reference https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E Added Reference https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E Added Reference https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E Added Reference https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E Added Reference https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E Added Reference https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E Added Reference https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E Added Reference https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E -
CVE Modified by [email protected]
May. 14, 2024
Action Type Old Value New Value -
CVE Modified by [email protected]
Feb. 13, 2023
Action Type Old Value New Value Removed Reference https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E [Vendor Advisory] Removed Reference https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E [Vendor Advisory] Removed Reference https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E [Vendor Advisory] Removed Reference https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E [Vendor Advisory] Removed Reference https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E [Vendor Advisory] Removed Reference https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E [Vendor Advisory] Removed Reference https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E [Vendor Advisory] Removed Reference https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E [Vendor Advisory] Removed Reference https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E [Vendor Advisory] Removed Reference https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E [Vendor Advisory] Removed Reference https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E [Vendor Advisory] Removed Reference https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E [Vendor Advisory] Removed Reference https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E [Vendor Advisory] Removed Reference https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E [Vendor Advisory] Added Reference https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E [No Types Assigned] -
Modified Analysis by [email protected]
Jan. 19, 2023
Action Type Old Value New Value Changed Reference Type http://docs.info.apple.com/article.html?artnum=307562 No Types Assigned http://docs.info.apple.com/article.html?artnum=307562 Third Party Advisory Changed Reference Type http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771 No Types Assigned http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771 Third Party Advisory Changed Reference Type http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449 No Types Assigned http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449 Third Party Advisory Changed Reference Type http://kbase.redhat.com/faq/FAQ_68_8653.shtm No Types Assigned http://kbase.redhat.com/faq/FAQ_68_8653.shtm Third Party Advisory Changed Reference Type http://lists.apple.com/archives/security-announce/2008//May/msg00001.html No Types Assigned http://lists.apple.com/archives/security-announce/2008//May/msg00001.html Mailing List, Third Party Advisory Changed Reference Type http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html No Types Assigned http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html Mailing List, Third Party Advisory Changed Reference Type http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html No Types Assigned http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html Third Party Advisory Changed Reference Type http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html No Types Assigned http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html Mailing List, Third Party Advisory Changed Reference Type http://lwn.net/Alerts/194228/ No Types Assigned http://lwn.net/Alerts/194228/ Mailing List, Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=130497311408250&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=130497311408250&w=2 Mailing List, Third Party Advisory Changed Reference Type http://secunia.com/advisories/21197 Vendor Advisory http://secunia.com/advisories/21197 Broken Link Changed Reference Type http://secunia.com/advisories/21241 Vendor Advisory http://secunia.com/advisories/21241 Broken Link Changed Reference Type http://secunia.com/advisories/21245 Vendor Advisory http://secunia.com/advisories/21245 Broken Link Changed Reference Type http://secunia.com/advisories/21247 Vendor Advisory http://secunia.com/advisories/21247 Broken Link Changed Reference Type http://secunia.com/advisories/21266 Vendor Advisory http://secunia.com/advisories/21266 Broken Link Changed Reference Type http://secunia.com/advisories/21273 Vendor Advisory http://secunia.com/advisories/21273 Broken Link Changed Reference Type http://secunia.com/advisories/21284 Vendor Advisory http://secunia.com/advisories/21284 Broken Link Changed Reference Type http://secunia.com/advisories/21307 Vendor Advisory http://secunia.com/advisories/21307 Broken Link Changed Reference Type http://secunia.com/advisories/21313 Vendor Advisory http://secunia.com/advisories/21313 Broken Link Changed Reference Type http://secunia.com/advisories/21315 Vendor Advisory http://secunia.com/advisories/21315 Broken Link Changed Reference Type http://secunia.com/advisories/21346 Vendor Advisory http://secunia.com/advisories/21346 Broken Link Changed Reference Type http://secunia.com/advisories/21478 Vendor Advisory http://secunia.com/advisories/21478 Broken Link Changed Reference Type http://secunia.com/advisories/21509 Vendor Advisory http://secunia.com/advisories/21509 Broken Link Changed Reference Type http://secunia.com/advisories/22262 Vendor Advisory http://secunia.com/advisories/22262 Broken Link Changed Reference Type http://secunia.com/advisories/22368 Vendor Advisory http://secunia.com/advisories/22368 Broken Link Changed Reference Type http://secunia.com/advisories/22388 Vendor Advisory http://secunia.com/advisories/22388 Broken Link Changed Reference Type http://secunia.com/advisories/22523 Vendor Advisory http://secunia.com/advisories/22523 Broken Link Changed Reference Type http://secunia.com/advisories/23028 Vendor Advisory http://secunia.com/advisories/23028 Broken Link Changed Reference Type http://secunia.com/advisories/23260 Vendor Advisory http://secunia.com/advisories/23260 Broken Link Changed Reference Type http://secunia.com/advisories/26329 No Types Assigned http://secunia.com/advisories/26329 Broken Link Changed Reference Type http://secunia.com/advisories/29420 No Types Assigned http://secunia.com/advisories/29420 Broken Link Changed Reference Type http://secunia.com/advisories/29849 No Types Assigned http://secunia.com/advisories/29849 Broken Link Changed Reference Type http://secunia.com/advisories/30430 No Types Assigned http://secunia.com/advisories/30430 Broken Link Changed Reference Type http://security.gentoo.org/glsa/glsa-200608-01.xml No Types Assigned http://security.gentoo.org/glsa/glsa-200608-01.xml Third Party Advisory Changed Reference Type http://securityreason.com/securityalert/1312 No Types Assigned http://securityreason.com/securityalert/1312 Third Party Advisory Changed Reference Type http://securitytracker.com/id?1016601 No Types Assigned http://securitytracker.com/id?1016601 Third Party Advisory, VDB Entry Changed Reference Type http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1 No Types Assigned http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1 Broken Link Changed Reference Type http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1 No Types Assigned http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1 Broken Link Changed Reference Type http://svn.apache.org/viewvc?view=rev&revision=426144 No Types Assigned http://svn.apache.org/viewvc?view=rev&revision=426144 Vendor Advisory Changed Reference Type http://www.debian.org/security/2006/dsa-1131 Patch http://www.debian.org/security/2006/dsa-1131 Patch, Third Party Advisory Changed Reference Type http://www.debian.org/security/2006/dsa-1132 Patch http://www.debian.org/security/2006/dsa-1132 Patch, Third Party Advisory Changed Reference Type http://www.kb.cert.org/vuls/id/395412 US Government Resource http://www.kb.cert.org/vuls/id/395412 Third Party Advisory, US Government Resource Changed Reference Type http://www.mandriva.com/security/advisories?name=MDKSA-2006:133 No Types Assigned http://www.mandriva.com/security/advisories?name=MDKSA-2006:133 Broken Link Changed Reference Type http://www.novell.com/linux/security/advisories/2006_43_apache.html No Types Assigned http://www.novell.com/linux/security/advisories/2006_43_apache.html Third Party Advisory Changed Reference Type http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html No Types Assigned http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html Third Party Advisory Changed Reference Type http://www.osvdb.org/27588 No Types Assigned http://www.osvdb.org/27588 Broken Link Changed Reference Type http://www.securityfocus.com/archive/1/441485/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/441485/100/0/threaded Third Party Advisory, VDB Entry Changed Reference Type http://www.securityfocus.com/archive/1/441487/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/441487/100/0/threaded Third Party Advisory, VDB Entry Changed Reference Type http://www.securityfocus.com/archive/1/441526/100/200/threaded No Types Assigned http://www.securityfocus.com/archive/1/441526/100/200/threaded Third Party Advisory, VDB Entry Changed Reference Type http://www.securityfocus.com/archive/1/443870/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/443870/100/0/threaded Third Party Advisory, VDB Entry Changed Reference Type http://www.securityfocus.com/archive/1/445206/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/445206/100/0/threaded Third Party Advisory, VDB Entry Changed Reference Type http://www.securityfocus.com/archive/1/450321/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/450321/100/0/threaded Third Party Advisory, VDB Entry Changed Reference Type http://www.securityfocus.com/bid/19204 No Types Assigned http://www.securityfocus.com/bid/19204 Third Party Advisory, VDB Entry Changed Reference Type http://www.ubuntu.com/usn/usn-328-1 No Types Assigned http://www.ubuntu.com/usn/usn-328-1 Third Party Advisory Changed Reference Type http://www.us-cert.gov/cas/techalerts/TA08-150A.html US Government Resource http://www.us-cert.gov/cas/techalerts/TA08-150A.html Third Party Advisory, US Government Resource Changed Reference Type http://www.vupen.com/english/advisories/2006/3017 No Types Assigned http://www.vupen.com/english/advisories/2006/3017 Permissions Required Changed Reference Type http://www.vupen.com/english/advisories/2006/3264 No Types Assigned http://www.vupen.com/english/advisories/2006/3264 Permissions Required Changed Reference Type http://www.vupen.com/english/advisories/2006/3282 No Types Assigned http://www.vupen.com/english/advisories/2006/3282 Permissions Required Changed Reference Type http://www.vupen.com/english/advisories/2006/3884 No Types Assigned http://www.vupen.com/english/advisories/2006/3884 Permissions Required Changed Reference Type http://www.vupen.com/english/advisories/2006/3995 No Types Assigned http://www.vupen.com/english/advisories/2006/3995 Permissions Required Changed Reference Type http://www.vupen.com/english/advisories/2006/4015 No Types Assigned http://www.vupen.com/english/advisories/2006/4015 Permissions Required Changed Reference Type http://www.vupen.com/english/advisories/2006/4207 No Types Assigned http://www.vupen.com/english/advisories/2006/4207 Permissions Required Changed Reference Type http://www.vupen.com/english/advisories/2006/4300 No Types Assigned http://www.vupen.com/english/advisories/2006/4300 Permissions Required Changed Reference Type http://www.vupen.com/english/advisories/2006/4868 No Types Assigned http://www.vupen.com/english/advisories/2006/4868 Permissions Required Changed Reference Type http://www.vupen.com/english/advisories/2007/2783 No Types Assigned http://www.vupen.com/english/advisories/2007/2783 Permissions Required Changed Reference Type http://www.vupen.com/english/advisories/2008/0924/references No Types Assigned http://www.vupen.com/english/advisories/2008/0924/references Permissions Required Changed Reference Type http://www.vupen.com/english/advisories/2008/1246/references No Types Assigned http://www.vupen.com/english/advisories/2008/1246/references Permissions Required Changed Reference Type http://www.vupen.com/english/advisories/2008/1697 No Types Assigned http://www.vupen.com/english/advisories/2008/1697 Permissions Required Changed Reference Type http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154 No Types Assigned http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154 Third Party Advisory Changed Reference Type http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156 No Types Assigned http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156 Third Party Advisory Changed Reference Type http://www-1.ibm.com/support/docview.wss?uid=swg24013080 No Types Assigned http://www-1.ibm.com/support/docview.wss?uid=swg24013080 Third Party Advisory Changed Reference Type http://www-1.ibm.com/support/docview.wss?uid=swg27007951 No Types Assigned http://www-1.ibm.com/support/docview.wss?uid=swg27007951 Third Party Advisory Changed Reference Type http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 No Types Assigned http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 Third Party Advisory Changed Reference Type https://exchange.xforce.ibmcloud.com/vulnerabilities/28063 No Types Assigned https://exchange.xforce.ibmcloud.com/vulnerabilities/28063 Third Party Advisory, VDB Entry Changed Reference Type https://issues.rpath.com/browse/RPL-538 No Types Assigned https://issues.rpath.com/browse/RPL-538 Broken Link Changed Reference Type https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E Vendor Advisory Changed Reference Type https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E Vendor Advisory Changed Reference Type https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E Vendor Advisory Changed Reference Type https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E Vendor Advisory Changed Reference Type https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E Vendor Advisory Changed Reference Type https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E Vendor Advisory Changed Reference Type https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E Vendor Advisory Changed Reference Type https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E Vendor Advisory Changed Reference Type https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E Vendor Advisory Changed Reference Type https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E Vendor Advisory Changed Reference Type https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E Vendor Advisory Changed Reference Type https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E Vendor Advisory Changed Reference Type https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E Vendor Advisory Changed Reference Type https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E No Types Assigned https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E Vendor Advisory Changed CPE Configuration OR *cpe:2.3:a:apache:http_server:1.3.3:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.5:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.6:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.7:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.7:*:dev:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.8:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.9:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.30:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.32:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:1.3.33:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.54:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.55:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.56:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.57:*:*:*:*:*:*:* *cpe:2.3:a:apache:http_server:2.0.58:*:*:*:*:*:*:* OR *cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* versions from (including) 1.3.28 up to (excluding) 1.3.37 *cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* versions from (including) 2.0.46 up to (excluding) 2.0.59 *cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* versions from (including) 2.2.0 up to (excluding) 2.2.3 Changed CPE Configuration OR *cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:*:*:*:*:*:* *cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:*:*:*:*:*:* *cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:*:*:*:*:*:* OR *cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:* *cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:* *cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:* Added CPE Configuration OR *cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:* -
CVE Modified by [email protected]
Jun. 06, 2021
Action Type Old Value New Value Added Reference https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E [No Types Assigned] -
CVE Modified by [email protected]
Mar. 30, 2021
Action Type Old Value New Value Added Reference https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E [No Types Assigned] -
CVE Modified by [email protected]
Apr. 01, 2020
Action Type Old Value New Value Added Reference https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E [No Types Assigned] -
CVE Modified by [email protected]
Apr. 01, 2020
Action Type Old Value New Value Added Reference https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E [No Types Assigned] -
CVE Modified by [email protected]
Aug. 15, 2019
Action Type Old Value New Value Added Reference https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E [No Types Assigned] Added Reference https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E [No Types Assigned] -
CVE Modified by [email protected]
Oct. 17, 2018
Action Type Old Value New Value Removed Reference http://www.securityfocus.com/archive/1/archive/1/445206/100/0/threaded [No Types Assigned] Removed Reference http://www.securityfocus.com/archive/1/archive/1/450321/100/0/threaded [No Types Assigned] Removed Reference http://www.securityfocus.com/archive/1/archive/1/441485/100/0/threaded [No Types Assigned] Removed Reference http://www.securityfocus.com/archive/1/archive/1/441526/100/200/threaded [No Types Assigned] Removed Reference http://www.securityfocus.com/archive/1/archive/1/443870/100/0/threaded [No Types Assigned] Removed Reference http://www.securityfocus.com/archive/1/archive/1/441487/100/0/threaded [No Types Assigned] Added Reference http://www.securityfocus.com/archive/1/450321/100/0/threaded [No Types Assigned] Added Reference http://www.securityfocus.com/archive/1/445206/100/0/threaded [No Types Assigned] Added Reference http://www.securityfocus.com/archive/1/443870/100/0/threaded [No Types Assigned] Added Reference http://www.securityfocus.com/archive/1/441526/100/200/threaded [No Types Assigned] Added Reference http://www.securityfocus.com/archive/1/441487/100/0/threaded [No Types Assigned] Added Reference http://www.securityfocus.com/archive/1/441485/100/0/threaded [No Types Assigned] -
CVE Modified by [email protected]
Jul. 20, 2017
Action Type Old Value New Value Removed Reference http://xforce.iss.net/xforce/xfdb/28063 [No Types Assigned] Added Reference https://exchange.xforce.ibmcloud.com/vulnerabilities/28063 [No Types Assigned] -
Initial Analysis by [email protected]
Jul. 31, 2006
Action Type Old Value New Value
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2006-3747
is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2006-3747
weaknesses.
Exploit Prediction
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.
92.04 }} -0.70%
score
0.99697
percentile