5 - CVE-2007-3847

Executive Summary

Informations
Name	CVE-2007-3847	First vendor Publication	2007-08-23
Vendor	Cve	Last vendor Modification	2023-02-13

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score	5	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-125	Out-of-bounds Read

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10525

Oval ID:	oval:org.mitre.oval:def:10525
Title:	The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
Description:	The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-3847	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section httpd-devel is earlier than 0:2.0.46-70.ent AND mod_ssl is earlier than 0:2.0.46-70.ent AND httpd is earlier than 0:2.0.46-70.ent OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section httpd-suexec is earlier than 0:2.0.52-38.ent AND httpd-manual is earlier than 0:2.0.52-38.ent AND httpd-devel is earlier than 0:2.0.52-38.ent AND mod_ssl is earlier than 1:2.0.52-38.ent AND httpd is earlier than 0:2.0.52-38.ent OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section httpd-manual is earlier than 0:2.2.3-11.el5 AND httpd-devel is earlier than 0:2.2.3-11.el5 AND mod_ssl is earlier than 1:2.2.3-11.el5 AND httpd is earlier than 0:2.2.3-11.el5

Definition Id: oval:org.mitre.oval:def:22299

Oval ID:	oval:org.mitre.oval:def:22299
Title:	ELSA-2007:0746: httpd security, bug fix, and enhancement update (Moderate)
Description:	The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.
Family:	unix	Class:	patch
Reference(s):	ELSA-2007:0746-04 CVE-2007-3847	Version:	6
Platform(s):	Oracle Linux 5	Product(s):	httpd
Definition Synopsis:
Oracle Linux 5.x rpm test httpd-manual is earlier than 0:2.2.3-11.el5 AND httpd-devel is earlier than 0:2.2.3-11.el5 AND mod_ssl is earlier than 0:2.2.3-11.el5 AND httpd is earlier than 0:2.2.3-11.el5

CPE : Common Platform Enumeration

Type	Description	Count
Application	Apache Http Server cpe:2.3:a:apache:http_server:2.2.5:::::::* cpe:2.3:a:apache:http_server:2.2.4:::::::* cpe:2.3:a:apache:http_server:2.2.3:::::::* cpe:2.3:a:apache:http_server:2.2.3::windows::::: cpe:2.3:a:apache:http_server:2.2.2:::::::* cpe:2.3:a:apache:http_server:2.2.2::windows::::: cpe:2.3:a:apache:http_server:2.2.1:::::::* cpe:2.3:a:apache:http_server:2.2.0:::::::* cpe:2.3:a:apache:http_server:2.2:::::::* cpe:2.3:a:apache:http_server:2.1.9:::::::* cpe:2.3:a:apache:http_server:2.1.8:::::::* cpe:2.3:a:apache:http_server:2.1.7:::::::* cpe:2.3:a:apache:http_server:2.1.6:::::::* cpe:2.3:a:apache:http_server:2.1.5:::::::* cpe:2.3:a:apache:http_server:2.1.4:::::::* cpe:2.3:a:apache:http_server:2.1.3:::::::* cpe:2.3:a:apache:http_server:2.1.2:::::::* cpe:2.3:a:apache:http_server:2.1.1:::::::* cpe:2.3:a:apache:http_server:2.1.0:::::::* cpe:2.3:a:apache:http_server:2.1:::::::* cpe:2.3:a:apache:http_server:2.0.9:::::::* cpe:2.3:a:apache:http_server:2.0.65:::::::* cpe:2.3:a:apache:http_server:2.0.64:::::::* cpe:2.3:a:apache:http_server:2.0.63:::::::* cpe:2.3:a:apache:http_server:2.0.61:::::::* cpe:2.3:a:apache:http_server:2.0.60:::::::* cpe:2.3:a:apache:http_server:2.0.59:::::::* cpe:2.3:a:apache:http_server:2.0.58:::::::* cpe:2.3:a:apache:http_server:2.0.58::win32::::: cpe:2.3:a:apache:http_server:2.0.57:::::::* cpe:2.3:a:apache:http_server:2.0.56:::::::* cpe:2.3:a:apache:http_server:2.0.55:::::::* cpe:2.3:a:apache:http_server:2.0.54:::::::* cpe:2.3:a:apache:http_server:2.0.53:::::::* cpe:2.3:a:apache:http_server:2.0.52:::::::* cpe:2.3:a:apache:http_server:2.0.51:::::::* cpe:2.3:a:apache:http_server:2.0.50:::::::* cpe:2.3:a:apache:http_server:2.0.49:::::::* cpe:2.3:a:apache:http_server:2.0.48:::::::* cpe:2.3:a:apache:http_server:2.0.47:::::::* cpe:2.3:a:apache:http_server:2.0.46:::::::* cpe:2.3:a:apache:http_server:2.0.46::win32::::: cpe:2.3:a:apache:http_server:2.0.45:::::::* cpe:2.3:a:apache:http_server:2.0.44:::::::* cpe:2.3:a:apache:http_server:2.0.43:::::::* cpe:2.3:a:apache:http_server:2.0.42:::::::* cpe:2.3:a:apache:http_server:2.0.41:::::::* cpe:2.3:a:apache:http_server:2.0.40:::::::* cpe:2.3:a:apache:http_server:2.0.39:::::::* cpe:2.3:a:apache:http_server:2.0.38:::::::* cpe:2.3:a:apache:http_server:2.0.37:::::::* cpe:2.3:a:apache:http_server:2.0.36:::::::* cpe:2.3:a:apache:http_server:2.0.35:::::::* cpe:2.3:a:apache:http_server:2.0.34:beta:::::: cpe:2.3:a:apache:http_server:2.0.34:beta:win32:::::* cpe:2.3:a:apache:http_server:2.0.34:::::::* cpe:2.3:a:apache:http_server:2.0.33:::::::* cpe:2.3:a:apache:http_server:2.0.32:beta:::::: cpe:2.3:a:apache:http_server:2.0.32:::::::* cpe:2.3:a:apache:http_server:2.0.32:beta:win32:::::* cpe:2.3:a:apache:http_server:2.0.31:::::::* cpe:2.3:a:apache:http_server:2.0.30:::::::* cpe:2.3:a:apache:http_server:2.0.29:::::::* cpe:2.3:a:apache:http_server:2.0.28:beta:::::: cpe:2.3:a:apache:http_server:2.0.28:::::::* cpe:2.3:a:apache:http_server:2.0.28:beta:win32:::::* cpe:2.3:a:apache:http_server:2.0.27:::::::* cpe:2.3:a:apache:http_server:2.0.26:::::::* cpe:2.3:a:apache:http_server:2.0.25:::::::* cpe:2.3:a:apache:http_server:2.0.24:::::::* cpe:2.3:a:apache:http_server:2.0.23:::::::* cpe:2.3:a:apache:http_server:2.0.22:::::::* cpe:2.3:a:apache:http_server:2.0.21:::::::* cpe:2.3:a:apache:http_server:2.0.20:::::::* cpe:2.3:a:apache:http_server:2.0.19:::::::* cpe:2.3:a:apache:http_server:2.0.18:::::::* cpe:2.3:a:apache:http_server:2.0.17:::::::* cpe:2.3:a:apache:http_server:2.0.16:::::::* cpe:2.3:a:apache:http_server:2.0.15:::::::* cpe:2.3:a:apache:http_server:2.0.14:::::::* cpe:2.3:a:apache:http_server:2.0.13:::::::* cpe:2.3:a:apache:http_server:2.0.12:::::::* cpe:2.3:a:apache:http_server:2.0.11:::::::* cpe:2.3:a:apache:http_server:2.0.0:::::::* cpe:2.3:a:apache:http_server:2.0:::::::* cpe:2.3:a:apache:http_server:2.0:alpha9:::::: cpe:2.3:a:apache:http_server:1.99:::::::* cpe:2.3:a:apache:http_server:1.4.0:::::::* cpe:2.3:a:apache:http_server:1.3.9:::::::* cpe:2.3:a:apache:http_server:1.3.9::win32::::: cpe:2.3:a:apache:http_server:1.3.8:::::::* cpe:2.3:a:apache:http_server:1.3.7:::::::* cpe:2.3:a:apache:http_server:1.3.7::dev::::: cpe:2.3:a:apache:http_server:1.3.68:::::::* cpe:2.3:a:apache:http_server:1.3.65:::::::* cpe:2.3:a:apache:http_server:1.3.6:::::::* cpe:2.3:a:apache:http_server:1.3.6::win32::::: cpe:2.3:a:apache:http_server:1.3.5:::::::* cpe:2.3:a:apache:http_server:1.3.42:::::::* cpe:2.3:a:apache:http_server:1.3.41:::::::* cpe:2.3:a:apache:http_server:1.3.40:::::::* cpe:2.3:a:apache:http_server:1.3.4:::::::* cpe:2.3:a:apache:http_server:1.3.39:::::::* cpe:2.3:a:apache:http_server:1.3.38:::::::* cpe:2.3:a:apache:http_server:1.3.37:::::::* cpe:2.3:a:apache:http_server:1.3.36:::::::* cpe:2.3:a:apache:http_server:1.3.35:::::::* cpe:2.3:a:apache:http_server:1.3.34:::::::* cpe:2.3:a:apache:http_server:1.3.33:::::::* cpe:2.3:a:apache:http_server:1.3.32:::::::* cpe:2.3:a:apache:http_server:1.3.31:::::::* cpe:2.3:a:apache:http_server:1.3.30:::::::* cpe:2.3:a:apache:http_server:1.3.3:::::::* cpe:2.3:a:apache:http_server:1.3.29:::::::* cpe:2.3:a:apache:http_server:1.3.28:::::::* cpe:2.3:a:apache:http_server:1.3.27:::::::* cpe:2.3:a:apache:http_server:1.3.26:::::::* cpe:2.3:a:apache:http_server:1.3.26::win32::::: cpe:2.3:a:apache:http_server:1.3.25:::::::* cpe:2.3:a:apache:http_server:1.3.25::win32::::: cpe:2.3:a:apache:http_server:1.3.24:::::::* cpe:2.3:a:apache:http_server:1.3.24::win32::::: cpe:2.3:a:apache:http_server:1.3.23:::::::* cpe:2.3:a:apache:http_server:1.3.23::win32::::: cpe:2.3:a:apache:http_server:1.3.22:::::::* cpe:2.3:a:apache:http_server:1.3.22::win32::::: cpe:2.3:a:apache:http_server:1.3.20:::::::* cpe:2.3:a:apache:http_server:1.3.20::win32::::: cpe:2.3:a:apache:http_server:1.3.2:::::::* cpe:2.3:a:apache:http_server:1.3.19:::::::* cpe:2.3:a:apache:http_server:1.3.19::win32::::: cpe:2.3:a:apache:http_server:1.3.18:::::::* cpe:2.3:a:apache:http_server:1.3.18::win32::::: cpe:2.3:a:apache:http_server:1.3.17:::::::* cpe:2.3:a:apache:http_server:1.3.17::win32::::: cpe:2.3:a:apache:http_server:1.3.16:::::::* cpe:2.3:a:apache:http_server:1.3.16::win32::::: cpe:2.3:a:apache:http_server:1.3.15:::::::* cpe:2.3:a:apache:http_server:1.3.15::win32::::: cpe:2.3:a:apache:http_server:1.3.14:::::::* cpe:2.3:a:apache:http_server:1.3.14::win32::::: cpe:2.3:a:apache:http_server:1.3.14::mac_os::::: cpe:2.3:a:apache:http_server:1.3.13:::::::* cpe:2.3:a:apache:http_server:1.3.13::win32::::: cpe:2.3:a:apache:http_server:1.3.12:::::::* cpe:2.3:a:apache:http_server:1.3.12::win32::::: cpe:2.3:a:apache:http_server:1.3.11:::::::* cpe:2.3:a:apache:http_server:1.3.11::win32::::: cpe:2.3:a:apache:http_server:1.3.10:::::::* cpe:2.3:a:apache:http_server:1.3.1.1:::::::* cpe:2.3:a:apache:http_server:1.3.1:::::::* cpe:2.3:a:apache:http_server:1.3.0:::::::* cpe:2.3:a:apache:http_server:1.3:::::::* cpe:2.3:a:apache:http_server:1.2.9:::::::* cpe:2.3:a:apache:http_server:1.2.6:::::::* cpe:2.3:a:apache:http_server:1.2.5:::::::* cpe:2.3:a:apache:http_server:1.2.4:::::::* cpe:2.3:a:apache:http_server:1.2.0:::::::* cpe:2.3:a:apache:http_server:1.15.17:::::::* cpe:2.3:a:apache:http_server:1.1.1:::::::* cpe:2.3:a:apache:http_server:1.1:::::::* cpe:2.3:a:apache:http_server:1.0.5:::::::* cpe:2.3:a:apache:http_server:1.0.3:::::::* cpe:2.3:a:apache:http_server:1.0.2:::::::* cpe:2.3:a:apache:http_server:1.0:::::::* cpe:2.3:a:apache:http_server:0.8.14:::::::* cpe:2.3:a:apache:http_server:0.8.11:::::::* cpe:2.3:a:apache:http_server:::::::: cpe:2.3:a:apache:http_server:::win32:::::* cpe:2.3:a:apache:http_server:-:::::::*	170
Os	Canonical Ubuntu Linux cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::* cpe:2.3:o:canonical:ubuntu_linux:6.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*	4
Os	Fedoraproject Fedora cpe:2.3:o:fedoraproject:fedora:7:::::::*	1
Os	Fedoraproject Fedora Core cpe:2.3:o:fedoraproject:fedora_core:6:::::::*	1

OpenVAS Exploits

Date	Description
2010-05-12	Name : Mac OS X 10.5.3 Update / Mac OS X Security Update 2008-003 File : nvt/macosx_upd_10_5_3_secupd_2008-003.nasl
2009-11-17	Name : Mac OS X Version File : nvt/macosx_version.nasl
2009-10-10	Name : SLES9: Security update for apache2 File : nvt/sles9p5012664.nasl
2009-06-03	Name : Solaris Update for Apache 2 120544-14 File : nvt/gb_solaris_120544_14.nasl
2009-06-03	Name : Solaris Update for Apache 2 120543-14 File : nvt/gb_solaris_120543_14.nasl
2009-05-05	Name : HP-UX Update for Apache HPSBUX02273 File : nvt/gb_hp_ux_HPSBUX02273.nasl
2009-04-09	Name : Mandriva Update for apache MDKSA-2007:235 (apache) File : nvt/gb_mandriva_MDKSA_2007_235.nasl
2009-03-23	Name : Ubuntu Update for apache2 vulnerabilities USN-575-1 File : nvt/gb_ubuntu_USN_575_1.nasl
2009-03-06	Name : RedHat Update for httpd RHSA-2008:0005-01 File : nvt/gb_RHSA-2008_0005-01_httpd.nasl
2009-02-27	Name : Fedora Update for httpd FEDORA-2007-707 File : nvt/gb_fedora_2007_707_httpd_fc6.nasl
2009-02-27	Name : Fedora Update for httpd FEDORA-2007-2214 File : nvt/gb_fedora_2007_2214_httpd_fc7.nasl
2009-02-27	Name : CentOS Update for httpd CESA-2008:0005 centos3 x86_64 File : nvt/gb_CESA-2008_0005_httpd_centos3_x86_64.nasl
2009-02-27	Name : CentOS Update for httpd CESA-2008:0005 centos3 i386 File : nvt/gb_CESA-2008_0005_httpd_centos3_i386.nasl
2009-01-28	Name : SuSE Update for apache2 SUSE-SA:2007:061 File : nvt/gb_suse_2007_061.nasl
2008-09-24	Name : Gentoo Security Advisory GLSA 200711-06 (apache) File : nvt/glsa_200711_06.nasl
2008-09-04	Name : FreeBSD Ports: apache File : nvt/freebsd_apache12.nasl
0000-00-00	Name : Slackware Advisory SSA:2008-045-02 apache File : nvt/esoft_slk_ssa_2008_045_02.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
37051	Apache HTTP Server mod_proxy modules/proxy/proxy_util.c Crafted Header Remote...

Snort® IPS/IDS

Date	Description
2014-01-10	Apache http server mod_proxy http response crafted date handling denial of se... RuleID : 13311 - Revision : 7 - Type : WEB-MISC
2014-01-10	Apache http server mod_proxy http response crafted date handling denial of se... RuleID : 13310 - Revision : 7 - Type : WEB-MISC
2014-01-10	Apache http server mod_proxy http request crafted date handling denial of ser... RuleID : 13309 - Revision : 6 - Type : WEB-MISC

Nessus® Vulnerability Scanner

Date	Description
2014-11-26	Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2009-0010.nasl - Type : ACT_GATHER_INFO
2013-08-11	Name : The remote web server may be affected by multiple vulnerabilities. File : oracle_http_server_cpu_jul_2013.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0005.nasl - Type : ACT_GATHER_INFO
2013-06-29	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0747.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080115_httpd_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071115_httpd_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071109_httpd_on_SL5.nasl - Type : ACT_GATHER_INFO
2008-05-29	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-003.nasl - Type : ACT_GATHER_INFO
2008-05-29	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_3.nasl - Type : ACT_GATHER_INFO
2008-03-19	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-002.nasl - Type : ACT_GATHER_INFO
2008-03-07	Name : The remote web server may be affected by several issues. File : apache_1_3_41.nasl - Type : ACT_GATHER_INFO
2008-02-18	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-045-02.nasl - Type : ACT_GATHER_INFO
2008-02-05	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-575-1.nasl - Type : ACT_GATHER_INFO
2008-01-15	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0005.nasl - Type : ACT_GATHER_INFO
2008-01-15	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0005.nasl - Type : ACT_GATHER_INFO
2007-12-13	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-4669.nasl - Type : ACT_GATHER_INFO
2007-12-04	Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-235.nasl - Type : ACT_GATHER_INFO
2007-11-20	Name : The remote openSUSE host is missing a security update. File : suse_apache2-4666.nasl - Type : ACT_GATHER_INFO
2007-11-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0747.nasl - Type : ACT_GATHER_INFO
2007-11-08	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200711-06.nasl - Type : ACT_GATHER_INFO
2007-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0746.nasl - Type : ACT_GATHER_INFO
2007-11-06	Name : The remote Fedora host is missing a security update. File : fedora_2007-2214.nasl - Type : ACT_GATHER_INFO
2007-09-25	Name : The remote Fedora Core host is missing a security update. File : fedora_2007-707.nasl - Type : ACT_GATHER_INFO
2007-09-14	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_c115271d602b11dc898c001921ab2fa4.nasl - Type : ACT_GATHER_INFO
2007-09-14	Name : The remote web server is affected by multiple vulnerabilities. File : apache_2_2_6.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
AIXAPAR	http://www-1.ibm.com/support/docview.wss?uid=swg1PK50469 http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702
APPLE	http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
BID	http://www.securityfocus.com/bid/25489
BUGTRAQ	http://www.securityfocus.com/archive/1/505990/100/0/threaded
CERT	http://www.us-cert.gov/cas/techalerts/TA08-150A.html
CONFIRM	http://bugs.gentoo.org/show_bug.cgi?id=186219 http://docs.info.apple.com/article.html?artnum=307562 http://httpd.apache.org/security/vulnerabilities_20.html http://httpd.apache.org/security/vulnerabilities_22.html http://support.avaya.com/elmodocs2/security/ASA-2007-500.htm http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951 http://www.fujitsu.com/global/support/software/security/products-f/interstage... http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html https://issues.rpath.com/browse/RPL-1710
FEDORA	http://www.redhat.com/archives/fedora-package-announce/2007-September/msg0032... https://www.redhat.com/archives/fedora-package-announce/2007-September/msg003...
GENTOO	http://security.gentoo.org/glsa/glsa-200711-06.xml
HP	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01182588
MANDRIVA	http://www.mandriva.com/security/advisories?name=MDKSA-2007:235
MISC	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e0... https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc1... https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5... https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360... https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9... https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8... https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef... https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86... https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb7... https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a... https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b... https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525... https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6... https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694... https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f... https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20... https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb... https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5e... https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5... https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2b... https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f... https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806ce...
MLIST	http://lists.vmware.com/pipermail/security-announce/2009/000062.html http://marc.info/?l=apache-cvs&m=118592992309395&w=2 http://marc.info/?l=apache-httpd-dev&m=118595556504202&w=2 http://marc.info/?l=apache-httpd-dev&m=118595953217856&w=2
OVAL	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT	http://www.redhat.com/support/errata/RHSA-2007-0746.html http://www.redhat.com/support/errata/RHSA-2007-0747.html http://www.redhat.com/support/errata/RHSA-2007-0911.html http://www.redhat.com/support/errata/RHSA-2008-0005.html
SECTRACK	http://www.securitytracker.com/id?1018633
SECUNIA	http://secunia.com/advisories/26636 http://secunia.com/advisories/26722 http://secunia.com/advisories/26790 http://secunia.com/advisories/26842 http://secunia.com/advisories/26952 http://secunia.com/advisories/26993 http://secunia.com/advisories/27209 http://secunia.com/advisories/27563 http://secunia.com/advisories/27593 http://secunia.com/advisories/27732 http://secunia.com/advisories/27882 http://secunia.com/advisories/27971 http://secunia.com/advisories/28467 http://secunia.com/advisories/28606 http://secunia.com/advisories/28749 http://secunia.com/advisories/28922 http://secunia.com/advisories/29420 http://secunia.com/advisories/30430
SLACKWARE	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&...
SUSE	http://www.novell.com/linux/security/advisories/2007_61_apache2.html
UBUNTU	http://www.ubuntu.com/usn/usn-575-1
VUPEN	http://www.vupen.com/english/advisories/2007/3020 http://www.vupen.com/english/advisories/2007/3095 http://www.vupen.com/english/advisories/2007/3283 http://www.vupen.com/english/advisories/2007/3494 http://www.vupen.com/english/advisories/2007/3955 http://www.vupen.com/english/advisories/2008/0233 http://www.vupen.com/english/advisories/2008/0924/references http://www.vupen.com/english/advisories/2008/1697

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-02-02 01:06:58	Multiple Updates
2024-02-01 12:02:21	Multiple Updates
2023-09-05 12:06:30	Multiple Updates
2023-09-05 01:02:12	Multiple Updates
2023-09-02 12:06:36	Multiple Updates
2023-09-02 01:02:13	Multiple Updates
2023-08-12 12:07:40	Multiple Updates
2023-08-12 01:02:13	Multiple Updates
2023-08-11 12:06:39	Multiple Updates
2023-08-11 01:02:17	Multiple Updates
2023-08-06 12:06:20	Multiple Updates
2023-08-06 01:02:14	Multiple Updates
2023-08-04 12:06:26	Multiple Updates
2023-08-04 01:02:17	Multiple Updates
2023-07-14 12:06:25	Multiple Updates
2023-07-14 01:02:15	Multiple Updates
2023-03-29 01:07:09	Multiple Updates
2023-03-28 12:02:20	Multiple Updates
2023-02-13 09:29:26	Multiple Updates
2023-02-02 21:28:59	Multiple Updates
2022-10-11 12:05:42	Multiple Updates
2022-10-11 01:02:05	Multiple Updates
2022-09-22 02:10:33	Multiple Updates
2021-06-06 17:23:04	Multiple Updates
2021-06-03 13:23:14	Multiple Updates
2021-05-04 12:06:45	Multiple Updates
2021-04-22 01:07:15	Multiple Updates
2021-03-30 17:22:46	Multiple Updates
2020-05-23 00:20:08	Multiple Updates
2019-08-27 12:02:18	Multiple Updates
2018-10-16 00:19:10	Multiple Updates
2017-09-29 09:23:08	Multiple Updates
2016-04-26 16:23:09	Multiple Updates
2014-02-17 10:40:56	Multiple Updates
2014-01-19 21:24:19	Multiple Updates
2013-07-17 21:18:40	Multiple Updates
2013-05-11 10:31:50	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	2
CPE ID(s)	176
Sources(s)	82
osvdb(s)	1
Openvas Exploit(s)	17
Snort® Rule(s)	3
Nessus® Exploit(s)	25

	Related
10	TA08-150A
6.8	VMSA-2009-0010
5	USN-575-1
5	RHSA-2008:0005
5	RHSA-2007:0911
5	RHSA-2007:0747
5	RHSA-2007:0746
5	MDKSA-2007:235
5	HPSBUX02273 SSR...
5	GLSA-200711-06
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 10 more Alert(s)

5 - CVE-2007-3847

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Snort® IPS/IDS

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU