URL regular expression DoS (CVE-2007-1349)
A flaw was discovered in the Apache::PerlRun module shipped with mod_perl 1.29 and earlier and in the ModPerl::RegistryCooker module shipped with mod_perl 2.03 and earlier. A remote attacker could craft a URL with a path that would be interpreted as a regular expression, potentially allowing a denial of service by creating an expression that will take a very long time to run. This vulnerability only affects Apache::PerlRun and custom subclasses of ModPerl::RegistryCooker that explicitly use the namespace_from_uri() method. The Apache::Registry, ModPerl::PerlRun, and ModPerl::Registry modules are NOT affected.

Users of mod_perl 1.29 and earlier are encouraged to upgrade to 1.30 if they use Apache::PerlRun for their applications. Users of mod_perl 2.03 are encouraged to check their custom code for calls to the namespace_from_uri() method and replace it with the namespace_from_filename() method.

Please note!
mod_perl-1.24_01.tar.gz or later is required for Apache >= 1.3.14.

[ICO]NameLast modifiedSizeDescription

[PARENTDIR]Parent Directory  - Perl project
[TXT]HEADER.html2022-11-17 15:55 1.1KPerl project
[   ]HEADER.html.old2022-11-17 15:55 359 Perl project
[SIG]KEYS2022-11-17 15:55 39KDeveloper PGP/GPG keys
[   ]README2022-11-17 15:55 4.3KPerl project
[DIR]contrib/1999-02-26 01:42 - Perl project
[   ]mod_perl-1.30.tar.gz2022-11-17 15:55 380KPerl project
[SIG]mod_perl-1.30.tar.gz.asc2022-11-17 15:55 186 PGP signature
[DIR]mod_perl-1.30/2007-03-30 09:14 - Perl project
[   ]mod_perl-1.31.tar.gz2022-11-17 15:55 381KPerl project
[SIG]mod_perl-1.31.tar.gz.asc2022-11-17 15:55 194 PGP signature
[DIR]mod_perl-1.31/2009-05-12 05:04 - Perl project
[   ]mod_perl-2.0.3.tar.gz2022-11-17 15:55 3.5MPerl project
[SIG]mod_perl-2.0.3.tar.gz.asc2022-11-17 15:55 189 PGP signature
[DIR]mod_perl-2.0.3/2006-11-29 10:10 - Perl project
[   ]mod_perl-2.0.4.tar.gz2022-11-17 15:55 3.6MPerl project
[SIG]mod_perl-2.0.4.tar.gz.asc2022-11-17 15:55 186 PGP signature
[DIR]mod_perl-2.0.4/2008-04-17 09:20 - Perl project
[   ]mod_perl-2.0.5.tar.gz2022-11-17 15:55 3.6MPerl project
[SIG]mod_perl-2.0.5.tar.gz.asc2022-11-17 15:55 487 PGP signature
[DIR]mod_perl-2.0.5/2011-02-08 00:13 - Perl project

Apache/2.4.41 (Ubuntu) Server at ftp.deu.edu.tr Port 443