FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2003-1054

This CVE name corresponds to:

Entered Topic
2004-12-11 mod_access_referer -- null pointer dereference vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2003-1054 at cve.mitre.org

Details

Type Candidate
Name CVE-2003-1054
Phase Assigned(20050119)

Description

mod_access_referer 1.0.2 allows remote attackers to cause a denial of service (crash) via a malformed Referer header that is missing a hostname, as parsed by the ap_parse_uri_components function in Apache, which triggers a null dereference.

References

Source Reference
FULLDISC 20030416 [VulnWatch] Apache mod_access_referer denial of service issue
MISC http://sourceforge.net/project/shownotes.php?release_id=151905
CONFIRM http://www.vuxml.org/freebsd/af747389-42ba-11d9-bd37-00065be4b5b6.html
BID 7375
SECUNIA 8612

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.