CVE Vulnerabilities

CVE-2005-2728

Published: Aug 30, 2005 | Modified: Jun 06, 2021
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.

Affected Software

Name Vendor Start Version End Version
Http_server Apache 2.0.28 2.0.28
Http_server Apache 2.0.32 2.0.32
Http_server Apache 2.0.41 2.0.41
Http_server Apache 2.0.42 2.0.42
Http_server Apache 2.0.49 2.0.49
Http_server Apache 2.0.50 2.0.50
Http_server Apache 2.0.35 2.0.35
Http_server Apache 2.0.36 2.0.36
Http_server Apache 2.0.43 2.0.43
Http_server Apache 2.0.44 2.0.44
Http_server Apache 2.0.51 2.0.51
Http_server Apache 2.0.52 2.0.52
Http_server Apache 2.0.47 2.0.47
Http_server Apache 2.0.37 2.0.37
Http_server Apache 2.0.39 2.0.39
Http_server Apache 2.0.53 2.0.53
Http_server Apache 2.0.9 2.0.9
Http_server Apache 2.0.38 2.0.38
Http_server Apache 2.0.48 2.0.48
Http_server Apache 2.0.45 2.0.45
Http_server Apache 2.0.40 2.0.40
Http_server Apache 2.0.46 2.0.46
Http_server Apache 2.0.28 2.0.28
Http_server Apache 2.0 2.0
Red Hat Enterprise Linux 3 RedHat httpd-0:2.0.46-46.3.ent *
Red Hat Enterprise Linux 4 RedHat httpd-0:2.0.52-12.2.ent *
Apache2 Ubuntu dapper *
Apache2 Ubuntu devel *
Apache2 Ubuntu edgy *
Apache2 Ubuntu feisty *

References