// For flags

CVE-2004-0751

Apache mod_ssl 2.0.x - Remote Denial of Service

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault).

La función char_buffer_read en el módulo mod_ssl de Apache 2.x, cuando se usa un proxy inverso con un servidor SSL, permite a atacantes remotos causar una denegación de permiso (fallo de segmentación).

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2004-07-26 CVE Reserved
  • 2004-09-10 CVE Published
  • 2004-09-10 First Exploit
  • 2024-08-08 CVE Updated
  • 2025-04-01 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
References (26)
URL Tag Source
http://archives.neohapsis.com/archives/bugtraq/2004-09/0096.html Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/17273 Third Party Advisory
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E Mailing List
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E Mailing List
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E Mailing List
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E Mailing List
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E Mailing List
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E Mailing List
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E Mailing List
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E Mailing List
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E Mailing List
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E Mailing List
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E Mailing List
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E Mailing List
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E Mailing List
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E Mailing List
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11864 Signature
URL Date SRC
https://www.exploit-db.com/exploits/24590 2004-09-10
URL Date SRC
http://issues.apache.org/bugzilla/show_bug.cgi?id=30134 2023-11-07
URL Date SRC
http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml 2023-11-07
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096 2023-11-07
http://www.novell.com/linux/security/advisories/2004_30_apache2.html 2023-11-07
http://www.redhat.com/support/errata/RHSA-2004-463.html 2023-11-07
http://www.trustix.org/errata/2004/0047 2023-11-07
https://access.redhat.com/security/cve/CVE-2004-0751 2004-09-15
https://bugzilla.redhat.com/show_bug.cgi?id=1617264 2004-09-15
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Apache
Search vendor "Apache"
 Http Server
Search vendor "Apache" for product "Http Server"
 >= 2.0.44 < 2.0.51
Search vendor "Apache" for product "Http Server" and version " >= 2.0.44 < 2.0.51"
-
Affected