CVE-2006-20001

CVE-2006-20001: Apache HTTP Server: mod_dav out of bounds read, or write of zero byte

Vendor Apache Software Foundation

Product Apache HTTP Server

Weakness CWE-787

Published January 17, 2023

Last update February 13, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier.

Key dates

Disclosure timeline

January 17, 2023 CVE published

February 13, 2025 Record updated