You are viewing this page in an unauthorized frame window.

This is a potential security issue, you are being redirected to https://nvd.nist.gov

You have JavaScript disabled. This site requires JavaScript to be enabled for complete site functionality.

U.S. flag An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

  1. Vulnerabilities

CVE-2006-3918 Detail

Deferred

This CVE record is not being prioritized for NVD enrichment efforts due to resource or other concerns.

Description

http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.
CVSS 3.x Severity and Vector Strings:

NIST CVSS score
NIST: NVD
Base Score: N/A
NVD assessment not yet provided.
CVSS 2.0 Severity and Vector Strings:

National Institute of Standards and Technology
NIST: NVD
Base Score: 4.3 MEDIUM
Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

Vendor Statements (disclaimer)

Official Statement from Apache (07/02/2008)

Fixed in Apache HTTP Server 1.3.35: http://httpd.apache.org/security/vulnerabilities_13.html

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P CVE, MITRE Broken Link
http://archives.neohapsis.com/archives/bugtraq/2006-05/0151.html CVE, MITRE Broken Link Exploit
http://archives.neohapsis.com/archives/bugtraq/2006-07/0425.html CVE, MITRE Broken Link Exploit
http://kb.vmware.com/KanisaPlatform/Publishing/466/5915871_f.SAL_Public.html CVE, MITRE Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html CVE, MITRE Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=125631037611762&w=2 CVE, MITRE Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=129190899612998&w=2 CVE, MITRE Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=130497311408250&w=2 CVE, MITRE Issue Tracking Mailing List Third Party Advisory
http://openbsd.org/errata.html#httpd2 CVE, MITRE Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2006-0618.html CVE, MITRE Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2006-0692.html CVE, MITRE Third Party Advisory
http://secunia.com/advisories/21172 CVE, MITRE Not Applicable Patch Vendor Advisory
http://secunia.com/advisories/21174 CVE, MITRE Not Applicable Patch Vendor Advisory
http://secunia.com/advisories/21399 CVE, MITRE Not Applicable
http://secunia.com/advisories/21478 CVE, MITRE Not Applicable
http://secunia.com/advisories/21598 CVE, MITRE Not Applicable
http://secunia.com/advisories/21744 CVE, MITRE Not Applicable
http://secunia.com/advisories/21848 CVE, MITRE Not Applicable
http://secunia.com/advisories/21986 CVE, MITRE Not Applicable
http://secunia.com/advisories/22140 CVE, MITRE Not Applicable
http://secunia.com/advisories/22317 CVE, MITRE Not Applicable
http://secunia.com/advisories/22523 CVE, MITRE Not Applicable
http://secunia.com/advisories/28749 CVE, MITRE Not Applicable
http://secunia.com/advisories/29640 CVE, MITRE Not Applicable
http://secunia.com/advisories/40256 CVE, MITRE Not Applicable
http://securityreason.com/securityalert/1294 CVE, MITRE Exploit Third Party Advisory
http://securitytracker.com/id?1016569 CVE, MITRE Broken Link Third Party Advisory VDB Entry
http://support.avaya.com/elmodocs2/security/ASA-2006-194.htm CVE, MITRE Third Party Advisory
http://svn.apache.org/viewvc?view=rev&revision=394965 CVE, MITRE Exploit Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg1PK24631 CVE, MITRE Third Party Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg24013080 CVE, MITRE Third Party Advisory
http://www.debian.org/security/2006/dsa-1167 CVE, MITRE Third Party Advisory
http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-2.html CVE, MITRE Third Party Advisory
http://www.novell.com/linux/security/advisories/2006_51_apache.html CVE, MITRE Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0619.html CVE, MITRE Third Party Advisory
http://www.securityfocus.com/bid/19661 CVE, MITRE Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1024144 CVE, MITRE Broken Link Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-575-1 CVE, MITRE Third Party Advisory
http://www.vupen.com/english/advisories/2006/2963 CVE, MITRE Permissions Required
http://www.vupen.com/english/advisories/2006/2964 CVE, MITRE Permissions Required
http://www.vupen.com/english/advisories/2006/3264 CVE, MITRE Permissions Required
http://www.vupen.com/english/advisories/2006/4207 CVE, MITRE Permissions Required
http://www.vupen.com/english/advisories/2006/5089 CVE, MITRE Permissions Required
http://www.vupen.com/english/advisories/2010/1572 CVE, MITRE Permissions Required
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 CVE, MITRE Broken Link
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E CVE, MITRE
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E CVE, MITRE
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E CVE, MITRE
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E CVE, MITRE
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E CVE, MITRE
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E CVE, MITRE
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E CVE, MITRE
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E CVE, MITRE
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E CVE, MITRE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10352 CVE, MITRE Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12238 CVE, MITRE Third Party Advisory

Weakness Enumeration

CWE-ID CWE Name Source
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') cwe source acceptance level NIST

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

11 change records found show changes

CVE Modified by CVE 11/20/2024 7:14:42 PM

Action Type Old Value New Value
Added Reference 
ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P
Added Reference 
http://archives.neohapsis.com/archives/bugtraq/2006-05/0151.html
Added Reference 
http://archives.neohapsis.com/archives/bugtraq/2006-07/0425.html
Added Reference 
http://kb.vmware.com/KanisaPlatform/Publishing/466/5915871_f.SAL_Public.html
Added Reference 
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html
Added Reference 
http://marc.info/?l=bugtraq&m=125631037611762&w=2
Added Reference 
http://marc.info/?l=bugtraq&m=125631037611762&w=2
Added Reference 
http://marc.info/?l=bugtraq&m=129190899612998&w=2
Added Reference 
http://marc.info/?l=bugtraq&m=129190899612998&w=2
Added Reference 
http://marc.info/?l=bugtraq&m=130497311408250&w=2
Added Reference 
http://marc.info/?l=bugtraq&m=130497311408250&w=2
Added Reference 
http://openbsd.org/errata.html#httpd2
Added Reference 
http://rhn.redhat.com/errata/RHSA-2006-0618.html
Added Reference 
http://rhn.redhat.com/errata/RHSA-2006-0692.html
Added Reference 
http://secunia.com/advisories/21172
Added Reference 
http://secunia.com/advisories/21174
Added Reference 
http://secunia.com/advisories/21399
Added Reference 
http://secunia.com/advisories/21478
Added Reference 
http://secunia.com/advisories/21598
Added Reference 
http://secunia.com/advisories/21744
Added Reference 
http://secunia.com/advisories/21848
Added Reference 
http://secunia.com/advisories/21986
Added Reference 
http://secunia.com/advisories/22140
Added Reference 
http://secunia.com/advisories/22317
Added Reference 
http://secunia.com/advisories/22523
Added Reference 
http://secunia.com/advisories/28749
Added Reference 
http://secunia.com/advisories/29640
Added Reference 
http://secunia.com/advisories/40256
Added Reference 
http://securityreason.com/securityalert/1294
Added Reference 
http://securitytracker.com/id?1016569
Added Reference 
http://support.avaya.com/elmodocs2/security/ASA-2006-194.htm
Added Reference 
http://svn.apache.org/viewvc?view=rev&revision=394965
Added Reference 
http://www-1.ibm.com/support/docview.wss?uid=swg1PK24631
Added Reference 
http://www-1.ibm.com/support/docview.wss?uid=swg24013080
Added Reference 
http://www.debian.org/security/2006/dsa-1167
Added Reference 
http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-2.html
Added Reference 
http://www.novell.com/linux/security/advisories/2006_51_apache.html
Added Reference 
http://www.redhat.com/support/errata/RHSA-2006-0619.html
Added Reference 
http://www.securityfocus.com/bid/19661
Added Reference 
http://www.securitytracker.com/id?1024144
Added Reference 
http://www.ubuntu.com/usn/usn-575-1
Added Reference 
http://www.vupen.com/english/advisories/2006/2963
Added Reference 
http://www.vupen.com/english/advisories/2006/2964
Added Reference 
http://www.vupen.com/english/advisories/2006/3264
Added Reference 
http://www.vupen.com/english/advisories/2006/4207
Added Reference 
http://www.vupen.com/english/advisories/2006/5089
Added Reference 
http://www.vupen.com/english/advisories/2010/1572
Added Reference 
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117
Added Reference 
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
Added Reference 
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
Added Reference 
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
Added Reference 
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
Added Reference 
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
Added Reference 
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
Added Reference 
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
Added Reference 
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E
Added Reference 
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
Added Reference 
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10352
Added Reference 
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12238

CVE Modified by MITRE 5/13/2024 9:38:29 PM

Action Type Old Value New Value

CVE Modified by MITRE 11/06/2023 8:59:11 PM

Action Type Old Value New Value
Added Reference 
MITRE https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E [No types assigned]
Added Reference 
MITRE https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E [No types assigned]
Added Reference 
MITRE https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E [No types assigned]
Added Reference 
MITRE https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E [No types assigned]
Added Reference 
MITRE https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E [No types assigned]
Added Reference 
MITRE https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E [No types assigned]
Added Reference 
MITRE https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E [No types assigned]
Added Reference 
MITRE https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E [No types assigned]
Added Reference 
MITRE https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E [No types assigned]
Removed Reference 
MITRE https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E
Removed Reference 
MITRE https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E
Removed Reference 
MITRE https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E
Removed Reference 
MITRE https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
Removed Reference 
MITRE https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E
Removed Reference 
MITRE https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E
Removed Reference 
MITRE https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E
Removed Reference 
MITRE https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E
Removed Reference 
MITRE https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E

Modified Analysis by NIST 9/21/2022 3:35:51 PM

Action Type Old Value New Value
Added CWE 
NIST CWE-79
Removed CWE 
NIST NVD-CWE-Other
Changed CPE Configuration 
OR
 *cpe:2.3:a:apache:http_server:1.3:*:*:*:*:*:*:*
 *cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:*
 *cpe:2.3:a:apache:http_server:1.3.11:*:win32:*:*:*:*:*
 *cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*
 *cpe:2.3:a:apache:http_server:1.3.12:*:win32:*:*:*:*:*
 *cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*
 *cpe:2.3:a:apache:http_server:1.3.18:*:*:*:*:*:*:*
 *cpe:2.3:a:apache:http_server:1.3.19:*:*:*:*:*:*:*
 *cpe:2.3:a:apache:http_server:1.3.20:*:*:*:*:*:*:*
 *cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*
 *cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*
 *cpe:2.3:a:apache:http_server:2.0.57:*:*:*:*:*:*:*
 *cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*
 *cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*
 *cpe:2.3:a:ibm:http_server:6.0:*:*:*:*:*:*:*
 *cpe:2.3:a:ibm:http_server:6.1:*:*:*:*:*:*:*


 
OR
 *cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* versions from (including) 1.3.3 up to (excluding) 1.3.35
Added CPE Configuration 
OR
 *cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
 *cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
 *cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
 *cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
Added CPE Configuration 
OR
 *cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
Added CPE Configuration 
OR
 *cpe:2.3:o:redhat:enterprise_linux_server:2.0:*:*:*:*:*:*:*
 *cpe:2.3:o:redhat:enterprise_linux_workstation:2.0:*:*:*:*:*:*:*
Changed Reference Type 
ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P No Types Assigned


 
ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P Broken Link
Changed Reference Type 
http://archives.neohapsis.com/archives/bugtraq/2006-05/0151.html Exploit


 
http://archives.neohapsis.com/archives/bugtraq/2006-05/0151.html Broken Link, Exploit
Changed Reference Type 
http://archives.neohapsis.com/archives/bugtraq/2006-07/0425.html Exploit


 
http://archives.neohapsis.com/archives/bugtraq/2006-07/0425.html Broken Link, Exploit
Changed Reference Type 
http://kb.vmware.com/KanisaPlatform/Publishing/466/5915871_f.SAL_Public.html No Types Assigned


 
http://kb.vmware.com/KanisaPlatform/Publishing/466/5915871_f.SAL_Public.html Third Party Advisory
Changed Reference Type 
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html No Types Assigned


 
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html Mailing List, Third Party Advisory
Changed Reference Type 
http://marc.info/?l=bugtraq&m=125631037611762&w=2 No Types Assigned


 
http://marc.info/?l=bugtraq&m=125631037611762&w=2 Issue Tracking, Mailing List, Third Party Advisory
Changed Reference Type 
http://marc.info/?l=bugtraq&m=129190899612998&w=2 No Types Assigned


 
http://marc.info/?l=bugtraq&m=129190899612998&w=2 Issue Tracking, Mailing List, Third Party Advisory
Changed Reference Type 
http://marc.info/?l=bugtraq&m=130497311408250&w=2 No Types Assigned


 
http://marc.info/?l=bugtraq&m=130497311408250&w=2 Issue Tracking, Mailing List, Third Party Advisory
Changed Reference Type 
http://openbsd.org/errata.html#httpd2 No Types Assigned


 
http://openbsd.org/errata.html#httpd2 Third Party Advisory
Changed Reference Type 
http://rhn.redhat.com/errata/RHSA-2006-0618.html No Types Assigned


 
http://rhn.redhat.com/errata/RHSA-2006-0618.html Third Party Advisory
Changed Reference Type 
http://rhn.redhat.com/errata/RHSA-2006-0692.html No Types Assigned


 
http://rhn.redhat.com/errata/RHSA-2006-0692.html Third Party Advisory
Changed Reference Type 
http://secunia.com/advisories/21172 Patch, Vendor Advisory


 
http://secunia.com/advisories/21172 Not Applicable, Patch, Vendor Advisory
Changed Reference Type 
http://secunia.com/advisories/21174 Patch, Vendor Advisory


 
http://secunia.com/advisories/21174 Not Applicable, Patch, Vendor Advisory
Changed Reference Type 
http://secunia.com/advisories/21399 No Types Assigned


 
http://secunia.com/advisories/21399 Not Applicable
Changed Reference Type 
http://secunia.com/advisories/21478 No Types Assigned


 
http://secunia.com/advisories/21478 Not Applicable
Changed Reference Type 
http://secunia.com/advisories/21598 No Types Assigned


 
http://secunia.com/advisories/21598 Not Applicable
Changed Reference Type 
http://secunia.com/advisories/21744 No Types Assigned


 
http://secunia.com/advisories/21744 Not Applicable
Changed Reference Type 
http://secunia.com/advisories/21848 No Types Assigned


 
http://secunia.com/advisories/21848 Not Applicable
Changed Reference Type 
http://secunia.com/advisories/21986 No Types Assigned


 
http://secunia.com/advisories/21986 Not Applicable
Changed Reference Type 
http://secunia.com/advisories/22140 No Types Assigned


 
http://secunia.com/advisories/22140 Not Applicable
Changed Reference Type 
http://secunia.com/advisories/22317 No Types Assigned


 
http://secunia.com/advisories/22317 Not Applicable
Changed Reference Type 
http://secunia.com/advisories/22523 No Types Assigned


 
http://secunia.com/advisories/22523 Not Applicable
Changed Reference Type 
http://secunia.com/advisories/28749 No Types Assigned


 
http://secunia.com/advisories/28749 Not Applicable
Changed Reference Type 
http://secunia.com/advisories/29640 No Types Assigned


 
http://secunia.com/advisories/29640 Not Applicable
Changed Reference Type 
http://secunia.com/advisories/40256 No Types Assigned


 
http://secunia.com/advisories/40256 Not Applicable
Changed Reference Type 
http://securityreason.com/securityalert/1294 No Types Assigned


 
http://securityreason.com/securityalert/1294 Exploit, Third Party Advisory
Changed Reference Type 
http://securitytracker.com/id?1016569 No Types Assigned


 
http://securitytracker.com/id?1016569 Broken Link, Third Party Advisory, VDB Entry
Changed Reference Type 
http://support.avaya.com/elmodocs2/security/ASA-2006-194.htm No Types Assigned


 
http://support.avaya.com/elmodocs2/security/ASA-2006-194.htm Third Party Advisory
Changed Reference Type 
http://svn.apache.org/viewvc?view=rev&revision=394965 Exploit


 
http://svn.apache.org/viewvc?view=rev&revision=394965 Exploit, Vendor Advisory
Changed Reference Type 
http://www-1.ibm.com/support/docview.wss?uid=swg1PK24631 No Types Assigned


 
http://www-1.ibm.com/support/docview.wss?uid=swg1PK24631 Third Party Advisory
Changed Reference Type 
http://www-1.ibm.com/support/docview.wss?uid=swg24013080 No Types Assigned


 
http://www-1.ibm.com/support/docview.wss?uid=swg24013080 Third Party Advisory
Changed Reference Type 
http://www.debian.org/security/2006/dsa-1167 No Types Assigned


 
http://www.debian.org/security/2006/dsa-1167 Third Party Advisory
Changed Reference Type 
http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-2.html No Types Assigned


 
http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-2.html Third Party Advisory
Changed Reference Type 
http://www.novell.com/linux/security/advisories/2006_51_apache.html No Types Assigned


 
http://www.novell.com/linux/security/advisories/2006_51_apache.html Third Party Advisory
Changed Reference Type 
http://www.redhat.com/support/errata/RHSA-2006-0619.html No Types Assigned


 
http://www.redhat.com/support/errata/RHSA-2006-0619.html Third Party Advisory
Changed Reference Type 
http://www.securityfocus.com/bid/19661 No Types Assigned


 
http://www.securityfocus.com/bid/19661 Third Party Advisory, VDB Entry
Changed Reference Type 
http://www.securitytracker.com/id?1024144 No Types Assigned


 
http://www.securitytracker.com/id?1024144 Broken Link, Third Party Advisory, VDB Entry
Changed Reference Type 
http://www.ubuntu.com/usn/usn-575-1 No Types Assigned


 
http://www.ubuntu.com/usn/usn-575-1 Third Party Advisory
Changed Reference Type 
http://www.vupen.com/english/advisories/2006/2963 No Types Assigned


 
http://www.vupen.com/english/advisories/2006/2963 Permissions Required
Changed Reference Type 
http://www.vupen.com/english/advisories/2006/2964 No Types Assigned


 
http://www.vupen.com/english/advisories/2006/2964 Permissions Required
Changed Reference Type 
http://www.vupen.com/english/advisories/2006/3264 No Types Assigned


 
http://www.vupen.com/english/advisories/2006/3264 Permissions Required
Changed Reference Type 
http://www.vupen.com/english/advisories/2006/4207 No Types Assigned


 
http://www.vupen.com/english/advisories/2006/4207 Permissions Required
Changed Reference Type 
http://www.vupen.com/english/advisories/2006/5089 No Types Assigned


 
http://www.vupen.com/english/advisories/2006/5089 Permissions Required
Changed Reference Type 
http://www.vupen.com/english/advisories/2010/1572 No Types Assigned


 
http://www.vupen.com/english/advisories/2010/1572 Permissions Required
Changed Reference Type 
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 No Types Assigned


 
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 Broken Link
Changed Reference Type 
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E No Types Assigned


 
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E Mailing List, Vendor Advisory
Changed Reference Type 
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E No Types Assigned


 
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E Mailing List, Vendor Advisory
Changed Reference Type 
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E No Types Assigned


 
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E Mailing List, Vendor Advisory
Changed Reference Type 
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E No Types Assigned


 
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E Mailing List, Vendor Advisory
Changed Reference Type 
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E No Types Assigned


 
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E Mailing List, Vendor Advisory
Changed Reference Type 
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E No Types Assigned


 
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E Mailing List, Vendor Advisory
Changed Reference Type 
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E No Types Assigned


 
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E Mailing List, Vendor Advisory
Changed Reference Type 
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E No Types Assigned


 
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E Mailing List, Vendor Advisory
Changed Reference Type 
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E No Types Assigned


 
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E Mailing List, Vendor Advisory
Changed Reference Type 
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10352 No Types Assigned


 
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10352 Third Party Advisory
Changed Reference Type 
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12238 No Types Assigned


 
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12238 Third Party Advisory

CVE Modified by MITRE 6/06/2021 7:15:14 AM

Action Type Old Value New Value
Added Reference 
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E [No Types Assigned]

CVE Modified by MITRE 6/06/2021 6:15:09 AM

Action Type Old Value New Value
Added Reference 
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E [No Types Assigned]

CVE Modified by MITRE 6/03/2021 4:15:10 AM

Action Type Old Value New Value
Added Reference 
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
Added Reference 
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E [No Types Assigned]

CVE Modified by MITRE 3/30/2021 9:15:16 AM

Action Type Old Value New Value
Added Reference 
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
Added Reference 
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
Added Reference 
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E [No Types Assigned]

CVE Modified by MITRE 3/30/2021 8:15:38 AM

Action Type Old Value New Value
Added Reference 
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E [No Types Assigned]
Added Reference 
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E [No Types Assigned]

CVE Modified by MITRE 10/10/2017 9:31:08 PM

Action Type Old Value New Value
Added Reference 
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10352 [No Types Assigned]
Added Reference 
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12238 [No Types Assigned]
Removed Reference 
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10352 [No Types Assigned]
Removed Reference 
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12238 [No Types Assigned]

Initial CVE Analysis 7/31/2006 3:50:00 PM

Action Type Old Value New Value

Quick Info

CVE Dictionary Entry:
CVE-2006-3918
NVD Published Date:
07/27/2006
NVD Last Modified:
04/02/2025
Source:
MITRE

AltStyle によって変換されたページ (->オリジナル) /