VYPR
Unrated severityNVD Advisory· Published Jul 28, 2006· Updated Jun 16, 2026

CVE-2006-3747

CVE-2006-3747

Description

Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*range: >=1.3.28,<1.3.37
    • (no CPE)range: >= 1.3.28, < 2.0.59, 2.2
  • cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

90

News mentions

0

No linked articles in our index yet.