- Home
- CVEs with nessus.description==Several vulnerabilities were discovered in Apache 2.x versions prior
to 2.0.47. From the Apache 2.0.47 release notes :
Certain sequences of per-directory renegotiations and the
SSLCipherSuite directive being used to upgrade from a weak ciphersuite
to a strong one could result in the weak ciphersuite being used in
place of the new one (CVE-2003-0192).
Certain errors returned by accept() on rarely accessed ports could
cause temporary Denial of Service due to a bug in the prefork MPM
(CVE-2003-0253).
Denial of Service was caused when target host is IPv6 but FTP proxy
server can't create IPv6 socket (CVE-2003-0254).
The server would crash when going into an infinite loop due to too
many subsequent internal redirects and nested subrequests (VU#379828).
The Apache Software Foundation thanks Saheed Akhtar and Yoshioka
Tsuneo for responsibly reporting these issues.
To upgrade these apache packages, first stop Apache by issuing, as
root :
service httpd stop
After the upgrade, restart Apache with :
service httpd start
Update :
The previously released packages had a manpage conflict between
apache2-common and apache-1.3 that prevented both packages from being
installed at the same time. This update provides a fixed
apache2-common package.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top