Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1593

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-1593
Last Modified 05 Sep 2008 04:31:01
Published 25 Sep 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1593

Summary

mod_dav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of service (CPU consumption) in a preforked multi-processing module.

Vulnerable Systems

Application

  • Apache Http Server 2.0

  • Apache Http Server 2.0.28

  • Apache Http Server 2.0.32

  • Apache Http Server 2.0.35

  • Apache Http Server 2.0.36

  • Apache Http Server 2.0.37

  • Apache Http Server 2.0.38

  • Apache Http Server 2.0.39

  • Apache Http Server 2.0.40

  • Apache Http Server 2.0.41


References

CERT-VN - VU#406121

XF - apache-mod-dav-dos(10208)

BID - 5816

CONFIRM - http://www.apache.org/dist/httpd/CHANGES_2.0

SECTRACK - 1005285


Last Updated: 27 May 2016 10:37:24