PublicDate: 2007-08-23 22:17:00 UTC
Candidate: CVE-2007-3847
References: 
 https://rhn.redhat.com/errata/RHSA-2007-0911.html
 https://ubuntu.com/security/notices/USN-575-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847
Description:
 The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache
 2.3.0, when using a threaded MPM, allows remote origin servers to cause a
 denial of service (caching forward proxy process crash) via crafted date
 headers that trigger a buffer over-read.
Ubuntu-Description: 
Notes: 
Bugs: 
 https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/163828
Priority: low
Discovered-by:
Assigned-to: 
CVSS: 

Patches_apache2:
 upstream: http://marc.info/?l=apache-cvs&m=118592992309395&w=2
dapper_apache2: released (2.0.55-4ubuntu2.3)
edgy_apache2: released (2.0.55-4ubuntu4.2)
feisty_apache2: released (2.2.3-3.2ubuntu2.1)
gutsy_apache2: released (2.2.4-3ubuntu0.1)
devel_apache2: not-affected (2.2.6-1)
upstream_apache2: needs-triage