Bug#416611: libapache-mod-perl: Possible DoS problem with PerlRun (CVE-2007-1349)

[Kjetil Kjernsmo <kjetilk@opera.com>]

On Friday 30 March 2007 09:44, Florian Weimer wrote:
> On the other hand, computing and matching regular expressions can be
> fairly expensive (exponential complexity and things like that).
> Usually, such bugs are hard to exploit unless you control both regexp
> and matched string.

Yup. It is probably not very easily exploited, but since you match the 
$uri with the $path_info, the client arguably controls both. I'm not 
going to sit down and figure out how to exploit it, or prove that it 
cannot be exploited but there are those with large amounts of time on 
their hands out there that may do it if it is at all a possible. I 
therefore think that an update with the one-line patch would be a good 
thing, even though it is not a very likely disaster area.

BTW, mod_perl 1.30 was just released. It has another couple of small 
bugfixes.

Cheers,

Kjetil
-- 
Kjetil Kjernsmo
Information Systems Developer
Opera Software ASA