ID CVE-2004-0113
Summary Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server.
References
Vulnerable Configurations
  • Apache Software Foundation Apache HTTP Server 2.0.35
    cpe:2.3:a:apache:http_server:2.0.35
  • Apache Software Foundation Apache HTTP Server 2.0.36
    cpe:2.3:a:apache:http_server:2.0.36
  • Apache Software Foundation Apache HTTP Server 2.0.37
    cpe:2.3:a:apache:http_server:2.0.37
  • Apache Software Foundation Apache HTTP Server 2.0.38
    cpe:2.3:a:apache:http_server:2.0.38
  • Apache Software Foundation Apache HTTP Server 2.0.39
    cpe:2.3:a:apache:http_server:2.0.39
  • Apache Software Foundation Apache HTTP Server 2.0.40
    cpe:2.3:a:apache:http_server:2.0.40
  • Apache Software Foundation Apache HTTP Server 2.0.41
    cpe:2.3:a:apache:http_server:2.0.41
  • Apache Software Foundation Apache HTTP Server 2.0.42
    cpe:2.3:a:apache:http_server:2.0.42
  • Apache Software Foundation Apache HTTP Server 2.0.43
    cpe:2.3:a:apache:http_server:2.0.43
  • Apache Software Foundation Apache HTTP Server 2.0.44
    cpe:2.3:a:apache:http_server:2.0.44
  • Apache Software Foundation Apache HTTP Server 2.0.45
    cpe:2.3:a:apache:http_server:2.0.45
  • Apache Software Foundation Apache HTTP Server 2.0.46
    cpe:2.3:a:apache:http_server:2.0.46
  • Apache Software Foundation Apache HTTP Server 2.0.47
    cpe:2.3:a:apache:http_server:2.0.47
  • Apache Software Foundation Apache HTTP Server 2.0.48
    cpe:2.3:a:apache:http_server:2.0.48
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_APACHE_2048_3.NASL
    description The following package needs to be updated: apache
    last seen 2016-09-26
    modified 2011-10-03
    plugin id 12525
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12525
    title FreeBSD : Apache 2 mod_ssl denial-of-service (12)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD20040503.NASL
    description The remote host is missing Security Update 2004-05-03. This security update includes updates for AFP Server, CoreFoundation, and IPSec. It also includes Security Update 2004-04-05, which includes updates for CUPS, libxml2, Mail, and OpenSSL. For Mac OS X 10.2.8, it also includes updates for Apache 1.3, cd9660.util, Classic, CUPS, Directory Services, DiskArbitration, fetchmail, fs_usage, gm4, groff, Mail, OpenSSL, Personal File Sharing, PPP, rsync, Safari, System Configuration, System Initialization, and zlib. This update fixes various issues which may allow an attacker to execute arbitrary code on the remote host.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 12518
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12518
    title Mac OS X Multiple Vulnerabilities (Security Update 2004-05-03)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2004-043.NASL
    description A memory leak in mod_ssl in the Apache HTTP Server prior to version 2.0.49 allows a remote denial of service attack against an SSL-enabled server. The updated packages provide a patched mod_ssl to correct these problems.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 14142
    published 2004-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14142
    title Mandrake Linux Security Advisory : apache2 (MDKSA-2004:043)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200403-04.NASL
    description The remote host is affected by the vulnerability described in GLSA-200403-04 (Multiple security vulnerabilities in Apache 2) Three vulnerabilities were found: A memory leak in ssl_engine_io.c for mod_ssl in Apache 2.0.48 and below allows remote attackers to cause a denial of service attack via plain HTTP requests to the SSL port of an SSL-enabled server. Apache fails to filter terminal escape sequences from error logs that begin with the ASCII (0x1B) sequence and are followed by a series of arguments. If a remote attacker could inject escape sequences into an Apache error log, the attacker could take advantages of weaknesses in various terminal emulators, launching attacks against remote users including further denial of service attacks, file modification, and the execution of arbitrary commands. The Apache mod_disk_cache has been found to be vulnerable to a weakness that allows attackers to gain access to authentication credentials through the issue of caching HTTP hop-by-hop headers which would contain plaintext user passwords. There is no available resolution for this issue yet. Impact : No special privileges are required for these vulnerabilities. As a result, all users are recommended to upgrade their Apache installations. Workaround : There is no immediate workaround; a software upgrade is required. There is no workaround for the mod_disk_cache issue; users are recommended to disable the feature on their servers until a patched version is released.
    last seen 2019-02-21
    modified 2015-04-13
    plugin id 14455
    published 2004-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14455
    title GLSA-200403-04 : Multiple security vulnerabilities in Apache 2
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2004-084.NASL
    description Updated httpd packages are now available that fix a denial of service vulnerability in mod_ssl and include various other bug fixes. The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server. A memory leak in mod_ssl in the Apache HTTP Server prior to version 2.0.49 allows a remote denial of service attack against an SSL-enabled server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0113 to this issue. This update also includes various bug fixes, including : - improvements to the mod_expires, mod_dav, mod_ssl and mod_proxy modules - a fix for a bug causing core dumps during configuration parsing on the IA64 platform - an updated version of mod_include fixing several edge cases in the SSI parser Additionally, the mod_logio module is now included. Users of the Apache HTTP server should upgrade to these updated packages, which contain backported patches that address these issues.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 12473
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12473
    title RHEL 3 : httpd (RHSA-2004:084)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_492F889670FA11D8873F0020ED76EF5A.NASL
    description Joe Orton reports a memory leak in Apache 2's mod_ssl. A remote attacker may issue HTTP requests on an HTTPS port, causing an error. Due to a bug in processing this condition, memory associated with the connection is not freed. Repeated requests can result in consuming all available memory resources, probably resulting in termination of the Apache process.
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 36300
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36300
    title FreeBSD : Apache 2 mod_ssl denial-of-service (492f8896-70fa-11d8-873f-0020ed76ef5a)
  • NASL family Web Servers
    NASL id APACHE_2_0_49_MOD_SSL.NASL
    description The remote host appears to be running a version of Apache 2.0.x prior to 2.0.49. It is, therefore, affected by a denial of service vulnerability in the 'mod_ssl' module. An attacker can exploit this to deny service to the Apache server.
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 12100
    published 2004-03-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12100
    title Apache 2.0.x < 2.0.49 mod_ssl Plain HTTP Request DoS
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30648.NASL
    description s700_800 11.04 Virtualvault 4.5 OWS update : The remote HP-UX host is affected by multiple vulnerabilities : - Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112. (HPSBUX01019 SSRT4717) - A potential security vulnerability has been identified with Apache running on HP-UX where a buffer overflow could be exploited remotely to execute arbitrary code. - A potential security vulnerability has been identified with HP-UX running Apache where the vulnerability could be exploited remotely to create a Denial of Service (DoS) or to execute arbitrary code. - A potential security vulnerability has been identified with Apache running on HP-UX where the vulnerability could be exploited remotely to create a Denial of Service (DoS) or to bypass access restrictions.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17532
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17532
    title HP-UX PHSS_30648 : s700_800 11.04 Virtualvault 4.5 OWS update
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30650.NASL
    description s700_800 11.04 Webproxy server 2.0 update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17534
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17534
    title HP-UX PHSS_30650 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30640.NASL
    description s700_800 11.04 Virtualvault 4.7 OpenSSH update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17525
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17525
    title HP-UX PHSS_30640 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30644.NASL
    description s700_800 11.04 Virtualvault 4.6 OpenSSH update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17529
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17529
    title HP-UX PHSS_30644 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30649.NASL
    description s700_800 11.04 Webproxy server 2.1 update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17533
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17533
    title HP-UX PHSS_30649 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30643.NASL
    description s700_800 11.04 Virtualvault 4.6 IWS update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17528
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17528
    title HP-UX PHSS_30643 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30647.NASL
    description s700_800 11.04 Virtualvault 4.5 IWS Update : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with Apache running on HP-UX where the vulnerability could be exploited remotely to create a Denial of Service (DoS) or to bypass access restrictions. - A potential security vulnerability has been identified with HP-UX running Apache where the vulnerability could be exploited remotely to create a Denial of Service (DoS) or to execute arbitrary code. - A potential security vulnerability has been identified with Apache running on HP-UX where a buffer overflow could be exploited remotely to execute arbitrary code. - Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112. (HPSBUX01019 SSRT4717)
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17070
    published 2005-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17070
    title HP-UX PHSS_30647 : s700_800 11.04 Virtualvault 4.5 IWS Update
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30641.NASL
    description s700_800 11.04 Virtualvault 4.7 OWS update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17526
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17526
    title HP-UX PHSS_30641 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30645.NASL
    description s700_800 11.04 Virtualvault 4.6 OWS update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17530
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17530
    title HP-UX PHSS_30645 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30646.NASL
    description s700_800 11.04 Virtualvault 4.6 TGP update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17531
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17531
    title HP-UX PHSS_30646 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30642.NASL
    description s700_800 11.04 Virtualvault 4.7 TGP update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17527
    published 2005-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17527
    title HP-UX PHSS_30642 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_30639.NASL
    description s700_800 11.04 Virtualvault 4.7 IWS update : Two potential security vulnerabilities have been identified in OpenSSL by NISCC (224012/1 and 224012/2). The Common Vulnerabilities and Exposures project has referenced them as the following CAN-2004-0079, and CAN-2004-0112. The CERT summary is TA04-078A. 1. The do_change_cipher_spec function in OpenSSL allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that triggers a null dereference. CVE-2004-0079 2. The SSL/TLS handshaking, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service via a crafted SSL/TLS handshake that causes an out-of-bounds read. CVE-2004-0112.
    last seen 2019-02-21
    modified 2014-05-22
    plugin id 17071
    published 2005-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17071
    title HP-UX PHSS_30639 : HP-UX Running Apache, Remote Denial of Service (DoS) (HPSBUX01019 SSRT4717 rev.3)
oval via4
accepted 2010-09-20T04:00:44.890-04:00
class vulnerability
contributors
  • name Jay Beale
    organization Bastille Linux
  • name Jay Beale
    organization Bastille Linux
  • name Thomas R. Jones
    organization Maitreya Security
  • name Jonathan Baker
    organization The MITRE Corporation
description Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server.
family unix
id oval:org.mitre.oval:def:876
status accepted
submitted 2004-03-26T12:00:00.000-04:00
title Apache 2 Denial of Service due to Memory Leak in mod_ssl
version 35
redhat via4
advisories
  • rhsa
    id RHSA-2004:084
  • rhsa
    id RHSA-2004:182
refmap via4
apple APPLE-SA-2004-05-03
bid 9826
bugtraq 20040325 LNSA-#2004-0006: bug workaround for Apache 2.0.48
conectiva CLSA-2004:839
confirm http://www.apacheweek.com/features/security-20
gentoo GLSA-200403-04
hp SSRT4717
mandrake MDKSA-2004:043
misc http://issues.apache.org/bugzilla/show_bug.cgi?id=27106
mlist [apache-cvs] 20040307 cvs commit: httpd-2.0/modules/ssl ssl_engine_io.c
osvdb 4182
trustix 2004-0017
xf apache-modssl-plain-dos(15419)
statements via4
contributor Mark J Cox
lastmodified 2008-07-02
organization Apache
statement Fixed in Apache HTTP Server 2.0.49: http://httpd.apache.org/security/vulnerabilities_20.html
Last major update 17-10-2016 - 22:41
Published 29-03-2004 - 00:00
Last modified 09-10-2017 - 21:30
Back to Top