cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.
Max CVSS
5.4
EPSS Score
97.27%
Published
2005-12-31
Updated
2023-02-13
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.
Max CVSS
5.0
EPSS Score
0.79%
Published
2005-10-25
Updated
2023-02-13
The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.
Max CVSS
5.0
EPSS Score
93.96%
Published
2005-08-30
Updated
2021-06-06
Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.
Max CVSS
5.0
EPSS Score
0.89%
Published
2005-08-05
Updated
2023-02-13
Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters.
Max CVSS
5.0
EPSS Score
96.51%
Published
2005-02-09
Updated
2021-06-06
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!