Description

mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop.

Remediation

References

CVE-2004-0748

Related Vulnerabilities

JBoss Application Server Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-3609)

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5317)

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.3.21)

phpMyAdmin Cryptographic Issues Vulnerability (CVE-2008-7252)

WordPress Plugin Client Invoicing by Sprout Invoices-Easy Estimates and Invoices for WordPress Cross-Site Scripting (19.9.6)

Severity

Medium

Classification

CVE-2004-0748 CWE-835

Tags

Missing Update Known Vulnerabilities