FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2004-0748

This CVE name corresponds to:

Entered Topic
2004-10-21 apache2 -- SSL remote DoS

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2004-0748 at cve.mitre.org

Details

Type Candidate
Name CVE-2004-0748
Phase Assigned(20040726)

Description

mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop.

References

Source Reference
CONFIRM https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=130750
GENTOO GLSA-200409-21
MANDRAKE MDKSA-2004:096
REDHAT RHSA-2004:349
SUSE SUSE-SA:2004:030
TRUSTIX 2004-0047
AUSCERT ESB-2004.0553
OVAL oval:org.mitre.oval:def:11126
XF apache-modssl-dos(17200)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.