Apache mod_perl 'path_info' Denial of Service
危険度: 中
CVE識別番号: CVE-2007-1349
情報公開日: 7 21, 2015
概要
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1004655
Trend Micro Deep Security DPI Rule Name: 1004655 - Apache mod_perl 'path_info' Denial Of Service
影響を受けるソフトウェア
- Apache Apache
- Apache Apache_test 1.29
- Apache mod_perl 2.0.0
- Apache mod_perl 2.0.1
- Apache mod_perl 2.0.2
- Apache mod_perl 2.0.3