CVE-2004-0786 — Apache Http Server vulnerability

7 documents7 sources

Severity

5.0MEDIUMNVD

EPSS

48.4%

top 2.25%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Http Server

Timeline

PublishedOct 20

Latest updateApr 29

Description

The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDapache/http_server2.0.35 — 2.0.51

Patches

Patch: www.redhat.com ↗Patch: www.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-p82f-x8x2-gj7g: The IPv6 URI parsing routines in the apr-util library for Apache 2↗2022-04-29

▶

OSV

CVE-2004-0786: The IPv6 URI parsing routines in the apr-util library for Apache 2↗2004-10-20

▶

CVEList

CVE-2004-0786: The IPv6 URI parsing routines in the apr-util library for Apache 2↗2004-09-17

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-09-15

▶

Debian

CVE-2004-0786: apache2 - The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earl...↗2004

▶

💬Community

Bugzilla

CVE-2004-0786 security flaw↗2018-08-16

▶