5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.429 Medium
EPSS
Percentile
97.4%
A race condition exists in Apache 2 HTTP Server that may cause a denial-of-service condition on some platforms.
Apache HTTP Server versions 2.0.48 and prior contain a race condition in the handling of short-lived connections. According to the Apache anouncement, when using multiple listening sockets, a short-lived connection on a rarely-used socket may cause the child process to hold the accept mutex, blocking new connections from being served until another connection uses the socket.
This vulnerability does not affect Apache 2.x servers running on FreeBSD or Linux.
A denial-of-service situation may occur due the race condition until another connection is made the the socket.
This problem is resolved in Apache HTTP Server 2.0.49.
132110
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Updated: March 24, 2004
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Please see, <http://www.apache.org/dist/httpd/Announcement2.html>
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23132110 Feedback>).
Updated: August 25, 2004
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Please see, <http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57628>.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23132110 Feedback>).
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
Thanks to Apache Software Foundation for reporting this vulnerability.
This document was written by Jason A Rafail.
CVE IDs: | CVE-2004-0174 |
---|---|
Severity Metric: | 3.38 Date Public: |
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.429 Medium
EPSS
Percentile
97.4%