CVE-2007-0086

Published: 05/01/2007 Updated: 17/05/2024
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
VMScore: 695
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote malicious users to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.

Vulnerable Product

apache http server -

Github Repositories

Container Scan: This action is a clone with modifications to the Azure Container Scan GitHub action. This action can be used to help you add some additional checks to help you secure your Docker images in your CI. This would help you attain some confidence in your Docker image before pushing them to your container registry or a deployment. It internally uses Trivy for running ce

Clone of Azure/container-scan

Recent Articles

Oracle Out of Cycle Apache Patch – CVE-2011-3192
Securelist • Kurt Baumgartner • 16 Sep 2011

Webmasters, mainly corporate sysadmin and dev teams, need to pay attention to today’s Oracle CPU, impacting Oracle Fusion Middleware, Oracle Application Server, and Oracle Enterprise Manager. This stuff is commonly deployed in the enterprise. Sysadmins should be aware that CVE-2011-3192 is only known to enable DoS attacks: “The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU ...