CVE-2004-0113 Information
Share on:Description
Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server.
Reference
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000839 http://issues.apache.org/bugzilla/show_bug.cgi?id=27106 http://marc.info/?l=apache-cvs&m=107869699329638 http://marc.info/?l=bugtraq&m=108034113406858&w=2 http://marc.info/?l=bugtraq&m=108369640424244&w=2 http://marc.info/?l=bugtraq&m=108731648532365&w=2 http://security.gentoo.org/glsa/glsa-200403-04.xml http://www.apacheweek.com/features/security-20 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:043 http://www.osvdb.org/4182 http://www.redhat.com/support/errata/RHSA-2004-084.html http://www.redhat.com/support/errata/RHSA-2004-182.html http://www.securityfocus.com/bid/9826 http://www.trustix.org/errata/2004/0017 https://exchange.xforce.ibmcloud.com/vulnerabilities/15419 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@3Ccvs.httpd.apache.org3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@3Ccvs.httpd.apache.org3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@3Ccvs.httpd.apache.org3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@3Ccvs.httpd.apache.org3E https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A876