URL regular expression DoS (CVE-2007-1349)
A flaw was discovered in the Apache::PerlRun module shipped with
mod_perl 1.29 and earlier and in the ModPerl::RegistryCooker module shipped with
mod_perl 2.03 and earlier. A remote attacker could craft a URL with a path that
would be interpreted as a regular expression, potentially allowing a
denial of service by creating an expression that will take a very long
time to run. This vulnerability only affects Apache::PerlRun and
custom subclasses of ModPerl::RegistryCooker that explicitly use the
namespace_from_uri() method. The Apache::Registry, ModPerl::PerlRun,
and ModPerl::Registry modules are NOT affected.
Users of mod_perl 1.29 and earlier are encouraged to upgrade to 1.30 if they use Apache::PerlRun for their applications. Users of mod_perl 2.03 are encouraged to check their custom code for calls to the namespace_from_uri() method and replace it with the namespace_from_filename() method.
Please note!
mod_perl-1.24_01.tar.gz or later is required for Apache >= 1.3.14.
![[ICO]](/icons/blank.gif){kind=icon} | Name | Last modified | Size | Description |
|---|---|---|---|---|
![[PARENTDIR]](/icons/back.gif){kind=icon} | Parent Directory | - | Perl project | |
![[DIR]](/icons/folder.gif){kind=icon} | contrib/ | 1999-02-26 01:42 | - | Perl project |
| mod_perl-1.30/ | 2007-03-30 09:14 | - | Perl project |
| mod_perl-1.31/ | 2009-05-12 05:04 | - | Perl project |
| mod_perl-2.0.3/ | 2006-11-29 10:10 | - | Perl project |
| mod_perl-2.0.4/ | 2008-04-17 09:20 | - | Perl project |
| mod_perl-2.0.5/ | 2011-02-08 00:13 | - | Perl project |
![[SIG]](/icons/quill.gif){kind=icon} | mod_perl-1.30.tar.gz.asc | 2022-11-17 15:55 | 186 | PGP signature |
| mod_perl-2.0.4.tar.gz.asc | 2022-11-17 15:55 | 186 | PGP signature |
| mod_perl-2.0.3.tar.gz.asc | 2022-11-17 15:55 | 189 | PGP signature |
| mod_perl-1.31.tar.gz.asc | 2022-11-17 15:55 | 194 | PGP signature |
![[ ]](/icons/unknown.gif){kind=icon} | HEADER.html.old | 2022-11-17 15:55 | 359 | Perl project |
| mod_perl-2.0.5.tar.gz.asc | 2022-11-17 15:55 | 487 | PGP signature |
![[TXT]](/icons/text.gif){kind=icon} | HEADER.html | 2022-11-17 15:55 | 1.1K | Perl project |
![[ ]](/icons/hand.right.gif){kind=icon} | README | 2022-11-17 15:55 | 4.3K | Perl project |
| KEYS | 2022-11-17 15:55 | 39K | Developer PGP/GPG keys |
![[ ]](/icons/compressed.gif){kind=icon} | mod_perl-1.30.tar.gz | 2022-11-17 15:55 | 380K | Perl project |
| mod_perl-1.31.tar.gz | 2022-11-17 15:55 | 381K | Perl project |
| mod_perl-2.0.3.tar.gz | 2022-11-17 15:55 | 3.5M | Perl project |
| mod_perl-2.0.4.tar.gz | 2022-11-17 15:55 | 3.6M | Perl project |
| mod_perl-2.0.5.tar.gz | 2022-11-17 15:55 | 3.6M | Perl project |