PerlRun.pm in Apache mod_perl prior to 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote malicious users to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache mod perl |
||
canonical ubuntu linux 6.06 |
||
canonical ubuntu linux 6.10 |
||
canonical ubuntu linux 7.04 |
||
redhat satellite 5.1 |
||
redhat enterprise linux desktop 3.0 |
||
redhat enterprise linux desktop 4.0 |
||
redhat enterprise linux desktop 5.0 |
||
redhat enterprise linux eus 4.5 |
||
redhat enterprise linux server 3.0 |
||
redhat enterprise linux server 4.0 |
||
redhat enterprise linux server 5.0 |
||
redhat enterprise linux workstation 3.0 |
||
redhat enterprise linux workstation 4.0 |
||
redhat enterprise linux workstation 5.0 |