5.4
CVE-2005-3357
- EPSS 35.06%
- Published 31.12.2005 05:00:00
- Last modified 03.04.2025 01:03:51
- Source secalert@redhat.com
- Teams watchlist Login
- Open Login
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.
Data is provided by the National Vulnerability Database (NVD)
Apache ≫ HTTP Server Version2.0
Apache ≫ HTTP Server Version2.0.9
Apache ≫ HTTP Server Version2.0.28
Apache ≫ HTTP Server Version2.0.28 Updatebeta
Apache ≫ HTTP Server Version2.0.32
Apache ≫ HTTP Server Version2.0.35
Apache ≫ HTTP Server Version2.0.36
Apache ≫ HTTP Server Version2.0.37
Apache ≫ HTTP Server Version2.0.38
Apache ≫ HTTP Server Version2.0.39
Apache ≫ HTTP Server Version2.0.40
Apache ≫ HTTP Server Version2.0.41
Apache ≫ HTTP Server Version2.0.42
Apache ≫ HTTP Server Version2.0.43
Apache ≫ HTTP Server Version2.0.44
Apache ≫ HTTP Server Version2.0.45
Apache ≫ HTTP Server Version2.0.46
Apache ≫ HTTP Server Version2.0.47
Apache ≫ HTTP Server Version2.0.48
Apache ≫ HTTP Server Version2.0.49
Apache ≫ HTTP Server Version2.0.50
Apache ≫ HTTP Server Version2.0.51
Apache ≫ HTTP Server Version2.0.52
Apache ≫ HTTP Server Version2.0.53
Apache ≫ HTTP Server Version2.0.54
Apache ≫ HTTP Server Version2.0.55
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 35.06% | 0.969 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.4 | 4.9 | 6.9 |
AV:N/AC:H/Au:N/C:N/I:N/A:C
|