5.4

CVE-2005-3357

mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheHTTP Server Version2.0
ApacheHTTP Server Version2.0.9
ApacheHTTP Server Version2.0.28
ApacheHTTP Server Version2.0.28 Updatebeta
ApacheHTTP Server Version2.0.32
ApacheHTTP Server Version2.0.35
ApacheHTTP Server Version2.0.36
ApacheHTTP Server Version2.0.37
ApacheHTTP Server Version2.0.38
ApacheHTTP Server Version2.0.39
ApacheHTTP Server Version2.0.40
ApacheHTTP Server Version2.0.41
ApacheHTTP Server Version2.0.42
ApacheHTTP Server Version2.0.43
ApacheHTTP Server Version2.0.44
ApacheHTTP Server Version2.0.45
ApacheHTTP Server Version2.0.46
ApacheHTTP Server Version2.0.47
ApacheHTTP Server Version2.0.48
ApacheHTTP Server Version2.0.49
ApacheHTTP Server Version2.0.50
ApacheHTTP Server Version2.0.51
ApacheHTTP Server Version2.0.52
ApacheHTTP Server Version2.0.53
ApacheHTTP Server Version2.0.54
ApacheHTTP Server Version2.0.55
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 24.29% 0.976
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.4 4.9 6.9
AV:N/AC:H/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
http://marc.info/?l=bugtraq&m=130497311408250&w=2
ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
http://secunia.com/advisories/18517
Patch
Vendor Advisory
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
http://secunia.com/advisories/18333
Patch
Vendor Advisory
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
http://secunia.com/advisories/21848
Vendor Advisory
http://secunia.com/advisories/22523
Vendor Advisory
http://www.vupen.com/english/advisories/2006/4207
Vendor Advisory
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117
https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html
http://rhn.redhat.com/errata/RHSA-2006-0159.html
Patch
Vendor Advisory
http://secunia.com/advisories/18585
Patch
Vendor Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html
Patch
http://www.securityfocus.com/archive/1/425399/100/0/threaded
http://secunia.com/advisories/22669
Vendor Advisory
http://www.securityfocus.com/archive/1/450315/100/0/threaded
http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html
Vendor Advisory
http://secunia.com/advisories/19012
Vendor Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449
http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
http://secunia.com/advisories/18339
Patch
Vendor Advisory
http://secunia.com/advisories/18340
Patch
Vendor Advisory
http://secunia.com/advisories/18429
Patch
Vendor Advisory
http://secunia.com/advisories/18743
Patch
Vendor Advisory
http://secunia.com/advisories/22368
Vendor Advisory
http://secunia.com/advisories/23260
Vendor Advisory
http://secunia.com/advisories/29849
Vendor Advisory
http://secunia.com/advisories/30430
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1
http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/445206/100/0/threaded
http://www.trustix.org/errata/2005/0074/
Patch
Vendor Advisory
http://www.ubuntulinux.org/usn/usn-241-1
http://www.us-cert.gov/cas/techalerts/TA08-150A.html
US Government Resource
http://www.vupen.com/english/advisories/2006/3995
Vendor Advisory
http://www.vupen.com/english/advisories/2006/4300
Vendor Advisory
http://www.vupen.com/english/advisories/2006/4868
Vendor Advisory
http://www.vupen.com/english/advisories/2008/1246/references
Vendor Advisory
http://www.vupen.com/english/advisories/2008/1697
Vendor Advisory
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
http://issues.apache.org/bugzilla/show_bug.cgi?id=37791
http://secunia.com/advisories/18307
Patch
Vendor Advisory
http://secunia.com/advisories/22233
Vendor Advisory
http://secunia.com/advisories/22992
Vendor Advisory
http://securitytracker.com/id?1015447
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102640-1
http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm
http://svn.apache.org/viewcvs?rev=358026&view=rev
http://www.securityfocus.com/bid/16152
http://www.vupen.com/english/advisories/2006/0056
Vendor Advisory
http://www.vupen.com/english/advisories/2006/3920
https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11467