|
|
CVE Reference: CVE-2003-0189 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2003-0189 |
|
|
Description: The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/12091 SAID Secunia Advisory: SA8881 REDHAT http://www.redhat.com/support/errata/RHSA-2003-186.html CONFIRM http://www.apache.org/dist/httpd/Announcement2.html CONECTIVA http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000661 CERT-VN 479268 BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=105418115512559&w=2 BID 7725 |
|
| Return to the previous page. |
