Description

The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used.

Remediation

References

CVE-2003-0189

Related Vulnerabilities

Microsoft SQL Server Other Vulnerability (CVE-2000-1087)

Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-45152)

Apache Tomcat CVE-2012-5568 Vulnerability (CVE-2012-5568)

WordPress Plugin AccessPress Social Share includes Backdoor [Only if downloaded via the vendor website] (4.5.5)

MySQL CVE-2016-9842 Vulnerability (CVE-2016-9842)

Severity

Medium

Classification

CVE-2003-0189

Tags

Missing Update Known Vulnerabilities