« Sun One Application Server Multiple vulnerabilities | Main | Cumulative Patch for Internet Information Service »

Apache Pre 2.0.46 Denial of Service

Below is a snippet from the apache advisory.

Apache 2.0.46 Major changes

Security vulnerabilities closed since Apache 2.0.45

*) SECURITY [CAN-2003-0245]: Fixed a bug that could be triggered
remotely through mod_dav and possibly other mechanisms, causing
an Apache child process to crash. The crash was first reported
by David Endler and was researched and
fixed by Joe Orton . Details will be released
on 30 May 2003.

*) SECURITY [CAN-2003-0189]: Fixed a denial-of-service vulnerability
affecting basic authentication on Unix platforms related to
thread-safety in apr_password_validate(). The problem was reported
by John Hughes

Full advisory

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.


All Comments are Moderated and will be delayed!