CVE-2007-3847
Published: 23 August 2007
The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
Priority
Status
Package | Release | Status |
---|---|---|
apache2 Launchpad, Ubuntu, Debian |
dapper |
Released
(2.0.55-4ubuntu2.3)
|
edgy |
Released
(2.0.55-4ubuntu4.2)
|
|
feisty |
Released
(2.2.3-3.2ubuntu2.1)
|
|
gutsy |
Released
(2.2.4-3ubuntu0.1)
|
|
upstream |
Needs triage
|
|
Patches: upstream: http://marc.info/?l=apache-cvs&m=118592992309395&w=2 |