Alias(es)Apache.IPv6ParsingFlaw.C |
Release DateMar 12, 2006 |
Severitymedium |
ImpactAttacks may be able to cause the Apache web server to crash. |
DescriptionThis indicates a potential Denial-of-Service vulnerability in the processing of Internet Protocol Version 6 (IPv6) addresses by Apache Web Servers. Apache Web Server is an open source solution to building a secure modern web server that is compatible with both UNIX and Windows operating systems. Due to inadequate boundary checking, an attacker can send a carefully-constructed request to cause a vulnerable Apache Web Server crash. |
Affected ProductsAny version of unpatched Apache 2.0 prior to Apache 2.0.51 is vulnerable. |
Recommended ActionsApply appropriate patches and/or upgrade Apache to the latest non-vulnerable version. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2004-0786 |
Reference/shttp://securitytracker.com/id?1011299http://www.securityfocus.com/bid/11187 (BugTraq) |
