Description

The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used.

Remediation

References

CVE-2003-0189

Related Vulnerabilities

WordPress Plugin Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages Multiple Cross-Site Scripting Vulnerabilities (45.0)

WordPress Plugin Xtreme Locator Dealer Locator SQL Injection (1.5)

Oracle Database Server CVE-2008-0347 Vulnerability (CVE-2008-0347)

Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-5301)

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-1840)

Severity

Medium

Classification

CVE-2003-0189

Tags

Missing Update Known Vulnerabilities