CVE-2006-3747

Description

Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.

Category

CVSS 2.0 base score: 7.6 (Severity: High)
EPSS: 92.32% (Top 5%)
Vendor advisories from: hp.com, sun.com, securityfocus.com, ibm.com, marc.info, novell.com, gentoo.org, apple.com, mandriva.com, debian.org, openpkg.org, ubuntu.com, lwn.net, apache.org
Affected: n/a

References

Link [tags]
http://secunia.com/advisories/21266 [third party advisory; broken link]
http://secunia.com/advisories/21307 [third party advisory; broken link]
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771 [third party advisory; vendor advisory]
http://www.vupen.com/english/advisories/2006/3995 [vdb entry; permissions required]
https://exchange.xforce.ibmcloud.com/vulnerabilities/28063 [vdb entry; third party advisory]
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1 [vendor advisory; broken link]
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449 [third party advisory; vendor advisory]
http://www-1.ibm.com/support/docview.wss?uid=swg27007951 [third party advisory]
http://www.securityfocus.com/archive/1/450321/100/0/threaded [vdb entry; third party advisory; vendor advisory]
http://www.vupen.com/english/advisories/2006/4300 [vdb entry; permissions required]
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048271.html [third party advisory; mailing list]
http://secunia.com/advisories/23028 [third party advisory; broken link]
http://svn.apache.org/viewvc?view=rev&revision=426144 [vendor advisory]
http://www.vupen.com/english/advisories/2006/3282 [vdb entry; permissions required]
http://secunia.com/advisories/21284 [third party advisory; broken link]
http://www-1.ibm.com/support/docview.wss?uid=swg1PK29156 [third party advisory; vendor advisory]
http://kbase.redhat.com/faq/FAQ_68_8653.shtm [third party advisory]
http://secunia.com/advisories/22523 [third party advisory; broken link]
http://www.vupen.com/english/advisories/2008/1246/references [vdb entry; permissions required]
http://marc.info/?l=bugtraq&m=130497311408250&w=2 [mailing list; third party advisory; vendor advisory]
http://secunia.com/advisories/23260 [third party advisory; broken link]
http://www.vupen.com/english/advisories/2006/3264 [vdb entry; permissions required]
http://www.novell.com/linux/security/advisories/2006_43_apache.html [third party advisory; vendor advisory]
http://www.vupen.com/english/advisories/2008/0924/references [vdb entry; permissions required]
http://secunia.com/advisories/21313 [third party advisory; broken link]
http://secunia.com/advisories/29849 [third party advisory; broken link]
http://www.vupen.com/english/advisories/2006/4015 [vdb entry; permissions required]
http://secunia.com/advisories/21273 [third party advisory; broken link]
http://www.us-cert.gov/cas/techalerts/TA08-150A.html [third party advisory; us government resource]
http://secunia.com/advisories/21478 [third party advisory; broken link]
http://www.securityfocus.com/archive/1/441487/100/0/threaded [mailing list; vdb entry; third party advisory]
http://security.gentoo.org/glsa/glsa-200608-01.xml [third party advisory; vendor advisory]
http://www.securityfocus.com/archive/1/441485/100/0/threaded [mailing list; vdb entry; third party advisory]
http://secunia.com/advisories/22368 [third party advisory; broken link]
http://secunia.com/advisories/26329 [third party advisory; broken link]
http://www.securityfocus.com/archive/1/445206/100/0/threaded [vdb entry; third party advisory; vendor advisory]
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 [third party advisory]
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1 [vendor advisory; broken link]
http://secunia.com/advisories/29420 [third party advisory; broken link]
http://www.apache.org/dist/httpd/Announcement2.0.html [patch; vendor advisory]
http://www.securityfocus.com/bid/19204 [vdb entry; third party advisory]
http://secunia.com/advisories/21245 [third party advisory; broken link]
http://www.vupen.com/english/advisories/2006/4868 [vdb entry; permissions required]
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html [mailing list; third party advisory; vendor advisory]
http://secunia.com/advisories/30430 [third party advisory; broken link]
http://www.vupen.com/english/advisories/2006/4207 [vdb entry; permissions required]
http://lists.apple.com/archives/security-announce/2008//May/msg00001.html [mailing list; third party advisory; vendor advisory]
http://www.mandriva.com/security/advisories?name=MDKSA-2006:133 [vendor advisory; broken link]
http://secunia.com/advisories/21315 [third party advisory; broken link]
http://www.kb.cert.org/vuls/id/395412 [third party advisory; us government resource]
http://secunia.com/advisories/21509 [third party advisory; broken link]
http://secunia.com/advisories/21346 [third party advisory; broken link]
http://securitytracker.com/id?1016601 [vdb entry; third party advisory]
http://docs.info.apple.com/article.html?artnum=307562 [third party advisory]
http://www.securityfocus.com/archive/1/441526/100/200/threaded [mailing list; vdb entry; third party advisory]
http://www.debian.org/security/2006/dsa-1131 [third party advisory; patch; vendor advisory]
http://secunia.com/advisories/21247 [third party advisory; broken link]
http://www.vupen.com/english/advisories/2006/3884 [vdb entry; permissions required]
http://www.vupen.com/english/advisories/2008/1697 [vdb entry; permissions required]
http://www.securityfocus.com/archive/1/443870/100/0/threaded [mailing list; vdb entry; third party advisory]
https://issues.rpath.com/browse/RPL-538 [broken link]
http://secunia.com/advisories/22262 [third party advisory; broken link]
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.015-apache.html [third party advisory; vendor advisory]
http://securityreason.com/securityalert/1312 [third party advisory]
http://www.debian.org/security/2006/dsa-1132 [third party advisory; patch; vendor advisory]
http://www-1.ibm.com/support/docview.wss?uid=swg1PK29154 [third party advisory; vendor advisory]
http://secunia.com/advisories/21241 [third party advisory; broken link]
http://www.vupen.com/english/advisories/2006/3017 [vdb entry; permissions required]
http://www.vupen.com/english/advisories/2007/2783 [vdb entry; permissions required]
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048267.html [third party advisory; mailing list]
http://www.ubuntu.com/usn/usn-328-1 [third party advisory; vendor advisory]
http://www-1.ibm.com/support/docview.wss?uid=swg24013080 [third party advisory; vendor advisory]
http://www.osvdb.org/27588 [vdb entry; broken link]
http://lwn.net/Alerts/194228/ [mailing list; third party advisory; vendor advisory]
http://secunia.com/advisories/22388 [third party advisory; broken link]
http://secunia.com/advisories/21197 [third party advisory; broken link]
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E [mailing list]
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E [mailing list]
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E [mailing list]
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E [mailing list]
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E [mailing list]
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E [mailing list]
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E [mailing list]
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E [mailing list]
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E [mailing list]
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E [mailing list]
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E [mailing list]
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E [mailing list]
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E [mailing list]
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E [mailing list]

Frequently Asked Questions

What is the severity of CVE-2006-3747?
CVE-2006-3747 has been scored as a high severity vulnerability.
How to fix CVE-2006-3747?
To fix CVE-2006-3747, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. For now, there are no other specific guidelines available.
Is CVE-2006-3747 being actively exploited in the wild?
It is possible that CVE-2006-3747 is being exploited or will be exploited in the near future based on public information. According to its EPSS score, there is a ~92% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.