The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Converged_communications_server | Avaya | 2.0 (including) | 2.0 (including) |
Linux | Gentoo | 1.4 (including) | 1.4 (including) |
Secure_linux | Trustix | 1.5 (including) | 1.5 (including) |
Secure_linux | Trustix | 2.0 (including) | 2.0 (including) |
Secure_linux | Trustix | 2.1 (including) | 2.1 (including) |
Red Hat Enterprise Linux 3 | RedHat | httpd-0:2.0.46-32.ent.3 | * |
Apache2 | Ubuntu | dapper | * |
Apache2 | Ubuntu | devel | * |
Apache2 | Ubuntu | edgy | * |
Apache2 | Ubuntu | feisty | * |