CVE-2005-3319
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
27/10/2005
Last modified:
30/10/2018
Description
The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost.
Impact
Base Score 2.0
2.10
Severity 2.0
LOW
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:* | ||
cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:* | ||
cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:* | ||
cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:* | ||
cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:* | ||
cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:* | ||
cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:* | ||
cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:* | ||
cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:* | ||
cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:* | ||
cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:* | ||
cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:* | ||
cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:* | ||
cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0491.html
- http://bugs.gentoo.org/show_bug.cgi?id=107602
- http://docs.info.apple.com/article.html?artnum=303382
- http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522
- http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html
- http://marc.info/?l=bugtraq&m=113019286208204&w=2
- http://secunia.com/advisories/17510
- http://secunia.com/advisories/17557
- http://secunia.com/advisories/18198
- http://secunia.com/advisories/19064
- http://secunia.com/advisories/22691
- http://securityreason.com/securityalert/525
- http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2005%3A213
- http://www.osvdb.org/20491
- http://www.securityfocus.com/bid/15177
- http://www.securityfocus.com/bid/16907
- http://www.us-cert.gov/cas/techalerts/TA06-062A.html
- http://www.vupen.com/english/advisories/2006/0791
- http://www.vupen.com/english/advisories/2006/4320
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22844
- https://www.ubuntu.com/usn/usn-232-1/