CVE-2003-0254Infinite Loop in Apache Http Server

7 documents7 sources
Severity
5.0MEDIUMNVD
EPSS
7.3%
top 8.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apache Http Server
Timeline
PublishedAug 18
Latest updateApr 29

Description

Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDapache/http_server15 versions+14

Patches

Patch: www.redhat.comPatch: www.redhat.com

🔴Vulnerability Details

3
GHSA
GHSA-mq68-g7rr-6m25: Apache 2 before 22022-04-29
OSV
CVE-2003-0254: Apache 2 before 22003-08-18
CVEList
CVE-2003-0254: Apache 2 before 22003-07-10

📋Vendor Advisories

2
Red Hat
security flaw2003-07-09
Debian
CVE-2003-0254: apache2 - Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause ...2003

💬Community

1
Bugzilla
CVE-2003-0254 security flaw2018-08-16
CVE-2003-0254 — Infinite Loop in Apache Http Server | cvebase