CVE-2005-2728

The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.

Published: Aug 30, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-2728
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
apache / http_server	2.0.42	2.0.42.x
apache / http_server	2.0.47	2.0.47.x
apache / http_server	2.0.50	2.0.50.x
apache / http_server	2.0.35	2.0.35.x
apache / http_server	2.0.37	2.0.37.x
apache / http_server	2.0.44	2.0.44.x
apache / http_server	2.0.39	2.0.39.x
apache / http_server	2.0.52	2.0.52.x
apache / http_server	2.0.53	2.0.53.x
apache / http_server	2.0.51	2.0.51.x
apache / http_server	2.0.28-beta	2.0.28-beta.x
apache / http_server	2.0.41	2.0.41.x
apache / http_server	2.0.49	2.0.49.x
apache / http_server	2.0.9	2.0.9.x
apache / http_server	2.0.32	2.0.32.x
apache / http_server	2.0.38	2.0.38.x
apache / http_server	2.0.48	2.0.48.x
apache / http_server	2.0.45	2.0.45.x
apache / http_server	2.0.40	2.0.40.x
apache / http_server	2.0.36	2.0.36.x
apache / http_server	2.0.46	2.0.46.x
apache / http_server	2.0.43	2.0.43.x
apache / http_server	2.0.28	2.0.28.x
apache / http_server	2.0	2.0.x

Vulnerability Database

290,206

CVE-2005-2728