CVE-2006-5876
Debian Linux Security Advisory 1248-1
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The soup_headers_parse function in soup-headers.c for libsoup HTTP library before 2.2.99 allows remote attackers to cause a denial of service (crash) via malformed HTTP headers, probably involving missing fields or values.
La función soup_headers_parse en soup-headers.c para la librería libsoup HTTP anterior a 2.2.99 permite a atacantes remotos provocar una denegación de servicio (caída) mediante cabeceras HTTP mal formadas, que probablemente implican campos o valores que faltan.
Roland Lezuo and Josselin Mouette discovered that the HTTP server code in libsoup did not correctly verify request headers. Remote attackers could crash applications using libsoup by sending a crafted HTTP request, resulting in a denial of service.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2006-11-14 CVE Reserved
- 2007-01-14 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (16)
URL | Tag | Source |
---|---|---|
http://ftp.gnome.org/pub/gnome/sources/libsoup/2.2/libsoup-2.2.99.news | X_refsource_confirm | |
http://osvdb.org/31667 | Vdb Entry | |
http://secunia.com/advisories/23734 | Third Party Advisory | |
http://secunia.com/advisories/23770 | Third Party Advisory | |
http://secunia.com/advisories/23871 | Third Party Advisory | |
http://secunia.com/advisories/23873 | Third Party Advisory | |
http://secunia.com/advisories/23961 | Third Party Advisory | |
http://secunia.com/advisories/23976 | Third Party Advisory | |
http://www.securityfocus.com/bid/22034 | Vdb Entry | |
http://www.vupen.com/english/advisories/2007/0173 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/31519 | Vdb Entry | |
https://issues.rpath.com/browse/RPL-965 | X_refsource_confirm |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://fedoranews.org/cms/node/2509 | 2017-07-20 | |
http://www.debian.org/security/2007/dsa-1248 | 2017-07-20 | |
http://www.mandriva.com/security/advisories?name=MDKSA-2007:029 | 2017-07-20 | |
http://www.ubuntu.com/usn/usn-411-1 | 2017-07-20 |