Vulnerability Details : CVE-2006-20001
A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier.
Vulnerability category: Memory Corruption
Threat overview for CVE-2006-20001
Top countries where our scanners detected CVE-2006-20001
Top open port discovered on systems with this issue 80
IPs affected by CVE-2006-20001 5,257,009
Threat actors abusing to this issue? Yes
Find out if you* are affected by CVE-2006-20001!
*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2006-20001
Probability of exploitation activity in the next 30 days: 0.04%
CVSS scores for CVE-2006-20001
|Base Score||Base Severity||CVSS Vector||Exploitability Score||Impact Score||Source|
CWE ids for CVE-2006-20001
The product writes data past the end, or before the beginning, of the intended buffer.Assigned by: email@example.com (Primary)
References for CVE-2006-20001
httpd 2.4 vulnerabilities - The Apache HTTP Server ProjectRelease Notes;Vendor Advisory
Apache HTTPD: Multiple Vulnerabilities (GLSA 202309-01) — Gentoo security