Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0942 — Apache Http Server vulnerability

9 documents9 sources
Severity
5.0MEDIUMNVD
EPSS
79.2%
top 0.93%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Apache Http Server
Timeline
PublishedFeb 9
Latest updateApr 29

Description

Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

â–¶NVDapache/http_server2.0.52

🔴Vulnerability Details

3
GHSA
GHSA-4vvg-48v9-mm83: Apache webserver 2↗2022-04-29
â–¶
OSV
CVE-2004-0942: Apache webserver 2↗2005-02-09
â–¶
CVEList
CVE-2004-0942: Apache webserver 2↗2004-11-04
â–¶

💥Exploits & PoCs

1
Exploit-DB
Apache 2.0.52 - GET Denial of Service↗2005-03-04
â–¶

📋Vendor Advisories

3
Ubuntu
apache2 vulnerability↗2004-11-12
â–¶
Red Hat
security flaw↗2004-11-01
â–¶
Debian
CVE-2004-0942: apache2 - Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of...↗2004
â–¶

💬Community

1
Bugzilla
CVE-2004-0942 security flaw↗2018-08-16
â–¶
CVE-2004-0942 — Apache Http Server vulnerability | cvebase