CVE-2006-20001
Summary
| CVE | CVE-2006-20001 |
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-01-17 20:15:00 UTC |
| Updated | 2023-09-08 22:15:00 UTC |
| Description | A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier. |
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apache | Http Server | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Apache HTTP Server 2.4 vulnerabilities - The Apache HTTP Server Project | MISC | httpd.apache.org | |
| Apache HTTPD: Multiple Vulnerabilities (GLSA 202309-01) — Gentoo security | MISC | security.gentoo.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 150640 Apache HTTP Server Prior to 2.4.55 Multiple Security Vulnerabilities
- 160477 Oracle Enterprise Linux Security Update for httpd:2.4 (ELSA-2023-0852)
- 160485 Oracle Enterprise Linux Security Update for httpd (ELSA-2023-0970)
- 181620 Debian Security Update for apache2 (DLA 3351-1)
- 181660 Debian Security Update for apache2 (DSA 5376-1)
- 199145 Ubuntu Security Notification for Apache Hypertext Transfer Protocol (HTTP) Server Vulnerabilities (USN-5839-1)
- 199484 Ubuntu Security Notification for Apache Hypertext Transfer Protocol (HTTP) Server Vulnerabilities (USN-5834-1)
- 241210 Red Hat Update for httpd:2.4 (RHSA-2023:0852)
- 241220 Red Hat Update for httpd (RHSA-2023:0970)
- 241574 Red Hat Update for JBoss Core Services (RHSA-2023:3354)
- 283640 Fedora Security Update for httpd (FEDORA-2023-f6ff3f85eb)
- 283670 Fedora Security Update for httpd (FEDORA-2023-6d4055d482)
- 354767 Amazon Linux Security Advisory for httpd : ALAS2-2023-1938
- 354845 Amazon Linux Security Advisory for httpd24 : ALAS-2023-1711
- 355218 Amazon Linux Security Advisory for httpd : ALAS2023-2023-115
- 378372 IBM Hypertext Transfer Protocol (HTTP) Server Multiple Vulnerabilities (6955577)
- 502635 Alpine Linux Security Update for apache2
- 503858 Alpine Linux Security Update for apache2
- 672790 EulerOS Security Update for httpd (EulerOS-SA-2023-1550)
- 672801 EulerOS Security Update for httpd (EulerOS-SA-2023-1525)
- 672865 EulerOS Security Update for httpd (EulerOS-SA-2023-1596)
- 672903 EulerOS Security Update for httpd (EulerOS-SA-2023-1780)
- 672910 EulerOS Security Update for httpd (EulerOS-SA-2023-1758)
- 672999 EulerOS Security Update for httpd (EulerOS-SA-2023-1847)
- 673013 EulerOS Security Update for httpd (EulerOS-SA-2023-1872)
- 673065 EulerOS Security Update for httpd (EulerOS-SA-2023-2148)
- 691030 Free Berkeley Software Distribution (FreeBSD) Security Update for apache httpd (00919005-96a3-11ed-86e9-d4c9ef517024)
- 753594 SUSE Enterprise Linux Security Update for apache2 (SUSE-SU-2023:0183-1)
- 753595 SUSE Enterprise Linux Security Update for apache2 (SUSE-SU-2023:0185-1)
- 753638 SUSE Enterprise Linux Security Update for apache2 (SUSE-SU-2023:0294-1)
- 753653 SUSE Enterprise Linux Security Update for apache2 (SUSE-SU-2023:0321-1)
- 753658 SUSE Enterprise Linux Security Update for apache2 (SUSE-SU-2023:0322-1)
- 940931 AlmaLinux Security Update for httpd:2.4 (ALSA-2023:0852)
- 940948 AlmaLinux Security Update for httpd (ALSA-2023:0970)
- 960655 Rocky Linux Security Update for httpd:2.4 (RLSA-2023:0852)
- 960890 Rocky Linux Security Update for httpd (RLSA-2023:0970)