CVE-2005-2728

Apache HTTP Server < 2.0.54 - Denial of Service via Large Range Header

Title source: llm
STIX 2.1

Description

The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.

References (52)

Core 52
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/16705
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/14660
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2005-608.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10017
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/16743
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/16753
Various Sources vendor-advisory x_refsource_trustix
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
Vendor Advisory vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2005_51_apache2.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17831
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-177-1
Patch, Vendor Advisory vendor-advisory x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200508-15.xml
Third Party Advisory, VDB Entry vendor-advisory x_refsource_hp
http://www.securityfocus.com/archive/1/428138/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/22006
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1246
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/16754
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/18333
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2005:161
Vendor Advisory vendor-advisory x_refsource_sgi
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/604
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17923
Patch, Vendor Advisory x_refsource_confirm
http://issues.apache.org/bugzilla/show_bug.cgi?id=29962
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/16789
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/16714
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/16769
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17036
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17288
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/16956
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19072
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/18517
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A760
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/16746
Vendor Advisory vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2005_52_apache2.html
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2005/dsa-805
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17600
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/16559/
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/18161
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1727
Vendor Advisory vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/0789

Scores

EPSS 0.1098
EPSS Percentile 95.4%

Details

Status published
Products (23)
apache/http_server 2.0
apache/http_server 2.0.9
apache/http_server 2.0.28 (2 CPE variants)
apache/http_server 2.0.32
apache/http_server 2.0.35
apache/http_server 2.0.36
apache/http_server 2.0.37
apache/http_server 2.0.38
apache/http_server 2.0.39
apache/http_server 2.0.40
... and 13 more
Published Aug 30, 2005
Tracked Since Feb 18, 2026