FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

apache2 -- SSL remote DoS

Affected packages
2.0 < apache < 2.0.51

Details

VuXML ID 7b81fc47-239f-11d9-814e-0001020eed82
Discovery 2004-07-07
Entry 2004-10-21

The Apache HTTP Server 2.0.51 release notes report that the following issues have been fixed:

A segfault in mod_ssl which can be triggered by a malicious remote server, if proxying to SSL servers has been configured. [CAN-2004-0751]

A potential infinite loop in mod_ssl which could be triggered given particular timing of a connection abort. [CAN-2004-0748]

References

Bugtraq ID 11094
Bugtraq ID 11154
CVE Name CVE-2004-0748
CVE Name CVE-2004-0751
Message 029f01c49b54$dec30f20$1500a8c0@Cougar
URL http://nagoya.apache.org/bugzilla/show_bug.cgi?id=29964
URL http://nagoya.apache.org/bugzilla/show_bug.cgi?id=30134