CVE-2004-0748Infinite Loop in Apache Http Server

CWE-835Infinite Loop7 documents7 sources
Severity
5.0MEDIUMNVD
EPSS
18.8%
top 4.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apache Http Server
Timeline
PublishedOct 20
Latest updateApr 29

Description

mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDapache/http_server2.0.352.0.51

🔴Vulnerability Details

3
GHSA
GHSA-4v97-3733-h7mw: mod_ssl in Apache 22022-04-29
OSV
CVE-2004-0748: mod_ssl in Apache 22004-10-20
CVEList
CVE-2004-0748: mod_ssl in Apache 22004-09-10

📋Vendor Advisories

2
Red Hat
security flaw2004-07-07
Debian
CVE-2004-0748: apache2 - mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial o...2004

💬Community

1
Bugzilla
CVE-2004-0748 security flaw2018-08-16
CVE-2004-0748 — Infinite Loop in Apache Http Server | cvebase