Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SA:2004:030
HistorySep 06, 2004 - 1:51 p.m.

remote DoS condition in apache2

2004-09-0613:51:41
lists.opensuse.org
33

0.965 High

EPSS

Percentile

99.5%

JSON

The mod_ssl apache module, as part of our apache2 package, enables the apache webserver to handle the HTTPS protocol. Within the mod_ssl module, two Denial of Service conditions in the input filter have been found. The CVE project assigned the identifiers CAN-2004-0748 and CAN-2004-0751 to these issues.

Solution

As temporary workaround you may disable the mod_ssl module in your apache configuration and restart the apache process without SSL support.

OSVersionArchitecturePackageVersionFilename
openSUSE9.0i586apache2-worker< 2.0.48-135apache2-worker-2.0.48-135.i586.rpm
openSUSE9.0x86_64apache2-worker< 2.0.48-135apache2-worker-2.0.48-135.x86_64.rpm
openSUSE8.1i586apache2-prefork< 2.0.48-135apache2-prefork-2.0.48-135.i586.rpm
openSUSE9.0x86_64apache2< 2.0.48-135apache2-2.0.48-135.x86_64.rpm
openSUSE8.2i586libapr0< 2.0.48-135libapr0-2.0.48-135.i586.rpm
openSUSE8.1i586apache2-worker< 2.0.48-135apache2-worker-2.0.48-135.i586.rpm
openSUSE9.0i586apache2< 2.0.48-135apache2-2.0.48-135.i586.rpm
openSUSE8.2i586apache2-worker< 2.0.48-135apache2-worker-2.0.48-135.i586.rpm
openSUSE9.1i586apache2-prefork< 2.0.49-27.11apache2-prefork-2.0.49-27.11.i586.rpm
openSUSE9.1x86_64apache2-prefork< 2.0.49-27.11apache2-prefork-2.0.49-27.11.x86_64.rpm
Rows per page:
1-10 of 231

Related

openvas 58
nessus 51
redhat 4
slackware 3
suse 7
freebsd 13
securityvulns 11
gentoo 3
cve 16
cert 8
checkpoint_advisories 5
debiancve 2
ubuntucve 5
httpd 2
osv 3
coresecurity 1
debian 5
f5 2
openvas
openvas
SLES9: Security update for Mozilla
2009-10-10 00:00:00
SLES9: Security update for Mozilla
2009-10-10 00:00:00
Slackware Advisory SSA:2004-223-01 Mozilla
2012-09-11 00:00:00
nessus
nessus
RHEL 2.1 / 3 : mozilla (RHSA-2004:421)
2004-08-05 00:00:00
Slackware 10.0 / 9.1 / current : Mozilla (SSA:2004-223-01)
2005-07-13 00:00:00
Mandrake Linux Security Advisory : mozilla (MDKSA-2004:082)
2004-08-22 00:00:00
redhat
redhat
(RHSA-2004:421) mozilla security update
2004-08-04 00:00:00
(RHSA-2004:349) httpd security update
2004-09-01 00:00:00
(RHSA-2004:402) libpng security update
2004-08-04 00:00:00
slackware
slackware
[slackware-security] Mozilla
2004-08-10 21:17:12
libpng
2004-08-09 20:40:50
[slackware-security] imagemagick
2004-08-10 21:26:39
suse
suse
remote code execution in cups
2004-09-15 14:45:26
remote file disclosure in samba
2004-10-05 14:57:32
various vulnerabilities in mozilla
2004-10-06 13:11:21
freebsd
freebsd
apache2 -- SSL remote DoS
2004-07-07 00:00:00
mozilla -- automated file upload
2004-04-28 00:00:00
mozilla -- POP client heap overflow
2004-07-22 00:00:00
securityvulns
securityvulns
[ GLSA 200408-22 ] Mozilla, Firefox, Thunderbird: New releases fix vulnerabilities
2004-08-25 00:00:00
MDKSA-2004:096 - Updated apache2 packages fix multiple vulnerabilities
2004-09-16 00:00:00
[Full-Disclosure] iDEFENSE Security Advisory 08.02.04: Netscape/Mozilla SOAPParameter Constructor Integer Overflow Vulnerability
2004-08-03 00:00:00
gentoo
gentoo
Mozilla, Firefox, Thunderbird, Galeon, Epiphany: New releases fix vulnerabilities
2004-08-23 00:00:00
Apache 2, mod_dav: Multiple vulnerabilities
2004-09-16 00:00:00
libpng: Numerous vulnerabilities
2004-08-05 00:00:00
cve
cve
CVE-2004-0761
2004-08-18 04:00:00
CVE-2004-0757
2004-08-18 04:00:00
CVE-2004-0759
2004-08-18 04:00:00
cert
cert
Mozilla contains a buffer overflow in the SendUidl() function
2004-08-20 00:00:00
Mozilla status elements can be disabled via JavaScript
2004-12-17 00:00:00
libpng png_handle_sBIT() performs insufficient bounds checking
2004-08-04 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla SOAPParameter Integer Overflow (CVE-2004-0722)
2010-03-15 00:00:00
Mozilla Firefox onunload SSL Certificate Spoofing (CVE-2004-0763)
2009-11-19 00:00:00
libpng Transparency Chunk Length Buffer Overflow (CVE-2004-0597)
2010-02-21 00:00:00
debiancve
debiancve
CVE-2004-0748
2004-10-20 04:00:00
CVE-2004-0751
2004-10-20 04:00:00
ubuntucve
ubuntucve
CVE-2004-0718
2004-07-27 00:00:00
CVE-2004-0748
2004-10-20 00:00:00
CVE-2004-0597
2004-11-23 00:00:00
httpd
httpd
Apache Httpd < 2.0.51 : SSL connection infinite loop
2004-07-07 00:00:00
Apache Httpd < 2.0.51 : Malicious SSL proxy can cause crash
2004-07-07 00:00:00
osv
osv
mozilla-firefox - frame injection spoofing
2005-08-15 00:00:00
mozilla - frame injection spoofing
2005-08-17 00:00:00
libpng - several vulnerabilities
2004-08-04 00:00:00
coresecurity
coresecurity
MSN Messenger PNG Image Parsing Vulnerability
2005-02-08 00:00:00
debian
debian
[SECURITY] [DSA 777-1] New Mozilla packages fix frame injection spoofing vulnerability
2005-08-17 09:27:19
[SECURITY] [DSA 775-1] New Mozilla packages fix frame injection spoofing vulnerability
2005-08-15 11:02:20
[SECURITY] [DSA 775-1] New Mozilla packages fix frame injection spoofing vulnerability
2005-08-15 11:02:20
f5
f5
Vulnerabilities in libpng - CAN-2004-0597, CAN-2004-0598, CAN-2004-0599
2007-05-17 04:00:00
SOL4009 - Vulnerabilities in libpng - CAN-2004-0597, CAN-2004-0598, CAN-2004-0599
2007-05-16 00:00:00

0.965 High

EPSS

Percentile

99.5%

JSON
Related for SUSE-SA:2004:030
openvas58nessus51redhat4slackware3suse7freebsd13securityvulns11gentoo3cve16cert8checkpoint_advisories5debiancve2ubuntucve5httpd2osv3coresecurity1debian5f52