Description

mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.

Remediation

References

CVE-2005-3357

Related Vulnerabilities

WordPress Plugin Revive Old Post-Auto Post to Social Media Security Bypass (6.9.3)

Squid Improper Input Validation Vulnerability (CVE-2014-0128)

WordPress Plugin Essential Blocks Pro Multiple PHP Object Injection Vulnerabilities (1.1.0)

WordPress Plugin WP-AutoYoutube 'index.php' Script SQL Injection (0.1)

osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14012)

Severity

Medium

Classification

CVE-2005-3357

Tags

Missing Update Known Vulnerabilities