Denial of Service Vulnerability in Apache2::Request by Apache Software Foundation
CVE-2006-0042

Currently unrated

Key Information:

Vendor: Apache
Status: Libapreq2
Vendor: CVE Published:; 18 February 2006

What is CVE-2006-0042?

A vulnerability exists in the Apache2::Request library (Libapreq2) prior to version 2.07, specifically in the apreq_parse_headers and apreq_parse_urlencoded functions. This flaw allows remote attackers to exploit the library, leading to denial of service through excessive CPU consumption. The attack vectors remain unspecified, but the nature of the vulnerability suggests that it can be triggered by manipulating input data, resulting in quadratic computational complexity and degrading performance of affected systems.

References

http://secunia.com/advisories/19658

third-party-advisoryx_refsource_SECUNIA

http://svn.apache.org/viewcvs.cgi/httpd/apreq/tags/v2_07/...

x_refsource_CONFIRM

http://www.debian.org/security/2006/dsa-1000

vendor-advisoryx_refsource_DEBIAN

EPSS Score

7% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 18, 2006
Vulnerability Reserved
Dec 20, 2005