Denial of Service Vulnerability in Apache Mod_Perl
CVE-2007-1349

Currently unrated

Key Information:

Vendor: Apache
Status: Mod Perl
Vendor: CVE Published:; 30 March 2007

Summary

The vulnerability in Apache mod_perl prior to version 1.30 allows remote attackers to exploit improper escaping of the PATH_INFO variable before it is utilized in a regular expression context. This flaw can be exploited by sending a maliciously crafted URI, potentially causing excessive resource consumption and leading to service interruptions.

References

http://secunia.com/advisories/26231

third-party-advisoryx_refsource_SECUNIA

http://www.securitytracker.com/id?1018259

vdb-entryx_refsource_SECTRACK

http://secunia.com/advisories/25894

third-party-advisoryx_refsource_SECUNIA

EPSS Score

18% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 30, 2007
Vulnerability Reserved
Mar 8, 2007