[email protected]NVD:CVE-2006-20001

HistoryJan 17, 2023 - 8:15 p.m.

CVE-2006-20001

Vulners
Nvd
CVE-2006-20001

2023-01-1720:15:11

CWE-787

[email protected]

web.nvd.nist.gov

apache http server

memory read

memory write

process crash

cve-2006-20001

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.4%

JSON

A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash.

This issue affects Apache HTTP Server 2.4.54 and earlier.

Affected configurations

NVD

Node

apachehttp_serverRange<2.4.55

References

httpd.apache.org/security/vulnerabilities_24.html

security.gentoo.org/glsa/202309-01

ibm 8

cvelist 1

redhatcve 1

veracode 1

prion 1

osv 9

debiancve 1

cloudlinux 1

cve 1

cnvd 1

ubuntucve 1

alpinelinux 1

f5 1

ubuntu 2

nessus 47

openvas 32

almalinux 2

oraclelinux 2

altlinux 2

rocky 2

mageia 1

slackware 1

fedora 2

freebsd 1

kaspersky 1

redhat 4

amazon 2

redos 1

debian 2

gentoo 1

photon 2

rosalinux 1

hp 1

ics 1

oracle 1

ibm

Security Bulletin: Vulnerability in Apache HTTP Server affect Cloud Pak System (CVE-2006-20001)

2023-03-31 16:41:42

Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to HTTP response splitting and denial of service attacks (CVE-2022-37436, CVE-2006-20001)

2023-04-19 15:11:52

Security Bulletin: Multiple security vulnerabilities has been identified in IBM HTTP Server shipped with IBM Rational ClearCase [CVE-2022-28331, CVE-2022-36760, CVE-2022-37436, CVE-2022-25147, CVE-2006-20001]

2023-03-03 06:30:57

cvelist

CVE-2006-20001 Apache HTTP Server: mod_dav out of bounds read, or write of zero byte

2023-01-17 19:07:27

redhatcve

CVE-2006-20001

2023-01-18 19:05:06

veracode

Denial Of Service (DoS)

2023-01-20 06:55:49

prion

Design/Logic Flaw

2023-01-17 20:15:00

osv

CVE-2006-20001

2023-01-17 20:15:11

apache2 vulnerabilities

2023-01-31 13:13:51

Moderate: httpd security and bug fix update

2023-02-28 00:00:00

debiancve

CVE-2006-20001

2023-01-17 20:15:11

cloudlinux

httpd: Fix of CVE-2006-20001

2023-03-06 21:06:33

cve

CVE-2006-20001

2023-01-17 20:15:11

cnvd

Apache HTTP Server Buffer Overflow Vulnerability (CNVD-2023-80558)

2023-10-19 00:00:00

ubuntucve

CVE-2006-20001

2023-01-17 00:00:00

alpinelinux

CVE-2006-20001

2023-01-17 20:15:11

K000132525 : Apache vulnerability CVE-2006-20001

2023-02-14 00:00:00

ubuntu

Apache HTTP Server vulnerabilities

2023-01-31 00:00:00

Apache HTTP Server vulnerabilities

2023-02-01 00:00:00

nessus

Ubuntu 16.04 ESM : Apache HTTP Server vulnerabilities (USN-5834-1)

2023-01-31 00:00:00

RHEL 9 : httpd (RHSA-2023:0970)

2023-02-28 00:00:00

AlmaLinux 9 : httpd (ALSA-2023:0970)

2023-02-28 00:00:00

openvas

Ubuntu: Security Advisory (USN-5834-1)

2023-02-01 00:00:00

SUSE: Security Advisory (SUSE-SU-2023:0321-1)

2023-02-10 00:00:00

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-2240)

2023-06-12 00:00:00

almalinux

Moderate: httpd:2.4 security and bug fix update

2023-02-21 00:00:00

Moderate: httpd security and bug fix update

2023-02-28 00:00:00

oraclelinux

httpd:2.4 security and bug fix update

2023-02-22 00:00:00

httpd security and bug fix update

2023-02-28 00:00:00

altlinux

Security fix for the ALT Linux 9 package apache2 version 1:2.4.55-alt1

2023-02-16 00:00:00

Security fix for the ALT Linux 10 package apache2 version 1:2.4.55-alt1

2023-02-07 00:00:00

rocky

httpd:2.4 security and bug fix update

2023-02-22 01:08:53

httpd security and bug fix update

2023-04-06 15:53:36

mageia

Updated apache packages fix security vulnerability

2023-02-07 03:06:39

slackware

[slackware-security] httpd

2023-01-18 06:23:09

fedora

[SECURITY] Fedora 37 Update: httpd-2.4.55-1.fc37

2023-01-28 01:27:38

[SECURITY] Fedora 36 Update: httpd-2.4.55-1.fc36

2023-02-03 01:42:01

freebsd

Apache httpd -- Multiple vulnerabilities

2023-01-17 00:00:00

kaspersky

KLA20167 Multiple vulnerabilities in Apache HTTP Server

2023-01-17 00:00:00

redhat

(RHSA-2023:0852) Moderate: httpd:2.4 security and bug fix update

2023-02-21 08:48:58

(RHSA-2023:0970) Moderate: httpd security and bug fix update

2023-02-28 07:53:34

(RHSA-2023:3355) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update

2023-06-05 11:45:22

amazon

Important: httpd

2023-02-17 00:10:00

Important: httpd24

2023-03-17 15:53:00

redos

ROS-20240603-04

2024-06-03 00:00:00

debian

[SECURITY] [DLA 3351-1] apache2 security update

2023-03-03 16:35:17

[SECURITY] [DSA 5376-1] apache2 security update

2023-03-20 18:52:17

gentoo

Apache HTTPD: Multiple Vulnerabilities

2023-09-08 00:00:00

photon

Critical Photon OS Security Update - PHSA-2023-3.0-0522

2023-01-31 00:00:00

Critical Photon OS Security Update - PHSA-2023-4.0-0325

2023-02-01 00:00:00

rosalinux

Advisory ROSA-SA-2023-2159

2023-04-25 11:49:15

HP Device Manager Security Updates

2023-04-13 00:00:00

ics

Siemens SCALANCE XCM-/XRM-300

2024-02-15 12:00:00

oracle

Oracle Critical Patch Update Advisory - July 2023

2023-07-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.4%

JSON

Related for NVD:CVE-2006-20001

ibm8 cvelist1 redhatcve1 veracode1 prion1 osv9 debiancve1 cloudlinux1 cve1 cnvd1 ubuntucve1 alpinelinux1 f51 ubuntu2 nessus47 openvas32 almalinux2 oraclelinux2 altlinux2 rocky2 mageia1 slackware1 fedora2 freebsd1 kaspersky1 redhat4 amazon2 redos1 debian2 gentoo1 photon2 rosalinux1 hp1 ics1 oracle1