Description
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.
Remediation
References
Related Vulnerabilities
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.15)
Oracle JRE CVE-2023-21830 Vulnerability (CVE-2023-21830)
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.15)
MySQL CVE-2013-0389 Vulnerability (CVE-2013-0389)
Microsoft SQL Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2003-0230)