Vulnerability Name:

CVE-2005-2728 (CCN-22006)

Assigned:2004-07-07
Published:2004-07-07
Updated:2021-06-06
Summary:The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: CCN
Type: SGI Security Advisory 2005090101-U
SGI Advanced Linux Environment 3 Security Update #46

Source: SGI
Type: UNKNOWN
20060101-01-U

Source: CCN
Type: Neohapsis BugTraq Message #0217 SSRT051251
Apache-based Web Server on HP-UX mod_ssl, proxy_http, Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access

Source: MITRE
Type: CNA
CVE-2005-2728

Source: CCN
Type: Apache Web site
Welcome! - The Apache HTTP Server Project

Source: CCN
Type: ASF Bugzilla Bug 29962
byterange filter buffers response in memory

Source: CONFIRM
Type: Patch, Vendor Advisory
http://issues.apache.org/bugzilla/show_bug.cgi?id=29962

Source: TRUSTIX
Type: UNKNOWN
TSLSA-2005-0059

Source: CCN
Type: RHSA-2005-608
httpd security update

Source: CCN
Type: SA16559
Apache Byte-Range Filter and MPM Worker Denial of Service Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
16559

Source: SECUNIA
Type: UNKNOWN
16705

Source: SECUNIA
Type: UNKNOWN
16714

Source: SECUNIA
Type: UNKNOWN
16743

Source: SECUNIA
Type: UNKNOWN
16746

Source: SECUNIA
Type: UNKNOWN
16753

Source: SECUNIA
Type: UNKNOWN
16754

Source: SECUNIA
Type: UNKNOWN
16769

Source: SECUNIA
Type: UNKNOWN
16789

Source: CCN
Type: SA16956
Avaya Products httpd/mod_ssl Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
16956

Source: CCN
Type: SA17036
IBM HTTP Server PCRE and Byte-Range Filter Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
17036

Source: SECUNIA
Type: UNKNOWN
17288

Source: CCN
Type: SA17600
HP-UX / HP Virtualvault Apache Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
17600

Source: SECUNIA
Type: UNKNOWN
17831

Source: SECUNIA
Type: UNKNOWN
17923

Source: SECUNIA
Type: UNKNOWN
18161

Source: SECUNIA
Type: UNKNOWN
18333

Source: SECUNIA
Type: UNKNOWN
18517

Source: CCN
Type: SA19072
Sun Solaris Multiple Apache2 Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
19072

Source: SREASON
Type: UNKNOWN
604

Source: SUNALERT
Type: UNKNOWN
102198

Source: CCN
Type: ASA-2006-023
Apache-based Web Server on HP-UX (HPSBUX02074)

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm

Source: CCN
Type: CIAC INFORMATION BULLETIN P-301
httpd Security Update

Source: DEBIAN
Type: UNKNOWN
DSA-805

Source: DEBIAN
Type: DSA-805
apache2 -- several vulnerabilities

Source: CCN
Type: GLSA-200508-15
Apache 2.0: Denial of Service vulnerability

Source: GENTOO
Type: Patch, Vendor Advisory
GLSA-200508-15

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2005:161

Source: SUSE
Type: UNKNOWN
SUSE-SA:2005:051

Source: SUSE
Type: UNKNOWN
SUSE-SA:2005:052

Source: REDHAT
Type: UNKNOWN
RHSA-2005:608

Source: HP
Type: UNKNOWN
SSRT051251

Source: BID
Type: Patch
14660

Source: CCN
Type: BID-14660
Apache CGI Byterange Request Denial of Service Vulnerability

Source: CCN
Type: TLSA-2005-94
Two vulnerabilities discovered in apache

Source: CCN
Type: USN-177-1
Apache 2 vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-177-1

Source: VUPEN
Type: UNKNOWN
ADV-2006-0789

Source: XF
Type: UNKNOWN
apache-byterange-dos(22006)

Source: XF
Type: UNKNOWN
apache-byterange-dos(22006)

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10017

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1246

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1727

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:760

Source: SUSE
Type: SUSE-SA:2005:052
apache2: local command execution authentication bypass memory consumption

Source: CCN
Type: IBM Systems Support Web site
Support for HMC

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apache:http_server:2.0.28:beta:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.32:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.41:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.42:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.49:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.50:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.35:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.36:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.43:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.44:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.51:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.52:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.37:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.38:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.45:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.46:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.53:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.28:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.39:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.40:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.47:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.48:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:apache:http_server:2.0.28:beta:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.38:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.39:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.42:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.47:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.49:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.48:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.51:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.52:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.40:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.46:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.28:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.32:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.35:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.36:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.37:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.41:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.43:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.44:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.45:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.50:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.53:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.0.9:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1::as:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/a:suse:suse_open_enterprise_server:9:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:personal:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:home:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:multimedia:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0::amd64:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20052728
    V
    		CVE-2005-2728
    2015-11-16
    oval:org.mitre.oval:def:10017
    V
    		The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.
    2013-04-29
    oval:org.mitre.oval:def:1727
    V
    		Webproxy CGI Byterange Request DoS
    2007-10-02
    oval:org.mitre.oval:def:1246
    V
    		VirusVault CGI Byterange Request DoS
    2007-10-02
    oval:org.mitre.oval:def:760
    V
    		Apache HTTP Byte-range DoS Vulnerability
    2006-01-25
    oval:org.debian:def:805
    V
    		several vulnerabilities
    2005-09-08
    oval:com.redhat.rhsa:def:20050608
    P
    		RHSA-2005:608: httpd security update (Important)
    2005-09-06
    BACK
    apache http server 2.0.28 beta
    apache http server 2.0.32
    apache http server 2.0.41
    apache http server 2.0.42
    apache http server 2.0.49
    apache http server 2.0.50
    apache http server 2.0.35
    apache http server 2.0.36
    apache http server 2.0.43
    apache http server 2.0.44
    apache http server 2.0.51
    apache http server 2.0.52
    apache http server 2.0.37
    apache http server 2.0.38
    apache http server 2.0.45
    apache http server 2.0.46
    apache http server 2.0.53
    apache http server 2.0.9
    apache http server 2.0
    apache http server 2.0.28
    apache http server 2.0.39
    apache http server 2.0.40
    apache http server 2.0.47
    apache http server 2.0.48
    apache http server 2.0.28 beta
    apache http server 2.0
    apache http server 2.0.38
    apache http server 2.0.39
    apache http server 2.0.42
    apache http server 2.0.47
    apache http server 2.0.49
    apache http server 2.0.48
    apache http server 2.0.51
    apache http server 2.0.52
    apache http server 2.0.40
    apache http server 2.0.46
    apache http server 2.0.28
    apache http server 2.0.32
    apache http server 2.0.35
    apache http server 2.0.36
    apache http server 2.0.37
    apache http server 2.0.41
    apache http server 2.0.43
    apache http server 2.0.44
    apache http server 2.0.45
    apache http server 2.0.50
    apache http server 2.0.53
    apache http server 2.0.9
    gentoo linux *
    suse linux enterprise server 8
    suse suse linux 9.0
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    mandrakesoft mandrake linux 10.0
    suse suse linux 9.1
    redhat enterprise linux 3
    suse suse linux 9.2
    mandrakesoft mandrake linux 10.1
    redhat enterprise linux 2.1
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    suse suse open enterprise server 9
    debian debian linux 3.1
    novell open enterprise server *
    mandrakesoft mandrake multi network firewall 2.0
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux corporate server 3.0
    turbolinux turbolinux personal *
    turbolinux turbolinux home *
    turbolinux turbolinux multimedia *
    mandrakesoft mandrake linux 10.0
    novell open enterprise server *
    suse suse linux 9.3