Lucene search

K
ubuntucveUbuntu.comUB:CVE-2005-3357
HistoryDec 31, 2005 - 12:00 a.m.

CVE-2005-3357

2005-12-3100:00:00
ubuntu.com
ubuntu.com
10

5.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:N/I:N/A:C

0.973 High

EPSS

Percentile

99.8%

mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with
access control and a custom error 400 error page, allows remote attackers
to cause a denial of service (application crash) via a non-SSL request to
an SSL port, which triggers a NULL pointer dereference.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchapache2< 2.0.55-4ubuntu2.2UNKNOWN
ubuntu6.10noarchapache2< 2.0.55-4ubuntu4.1UNKNOWN
ubuntu7.04noarchapache2< 2.2.3-3.2ubuntu0.1UNKNOWN

5.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:N/I:N/A:C

0.973 High

EPSS

Percentile

99.8%