Apache Week
   

Copyright 1996-2005
Red Hat, Inc.

First published: 16th November 2001
Last updated: 22nd October 2004

Security issues affecting Apache httpd 2.0.50

This page lists all the vulnerabilities that are known to affect version 2.0.50 of Apache httpd. Note, however, that some vendor versions of Apache may already contain backported security patches for some of these issues, so if you're using a vendor-supplied version of Apache, contact your vendor for details.

You can also see an alternative view of this data, which lists the vulnerabilities that were fixed in each version.

Apache Week rates the severity of each issue based on the overall impact to users.


Affects Apache httpd 2.0.50

critical: IPv6 URI parsing heap overflow CAN-2004-0786

Testing with the Codenomicon HTTP Test Tool, performed by the Apache Software Foundation security group and Red Hat, uncovered an input validation issue in the IPv6 URI parsing routines in the apr-util library. If a remote attacker sent a request including a carefully crafted URI, an httpd child process could be made to crash. On some BSD systems it is believed this flaw may be able to lead to remote code execution.

important: Memory consumption DoS CAN-2004-0942

An issue was discovered where the field length limit was not enforced for certain malicious requests. This could allow a remote attacker who is able to send large amounts of data to a server to cause Apache children to consume proportional amounts of memory, leading to a denial of service.

important: SSL connection infinite loop CAN-2004-0748

An issue was discovered in the mod_ssl module in Apache 2.0. A remote attacker who forces an SSL connection to be aborted in a particular state may cause an Apache child process to enter an infinite loop, consuming CPU resources.

moderate: SSLCipherSuite bypass CAN-2004-0885

An issue has been discovered in the mod_ssl module when configured to use the "SSLCipherSuite" directive in directory or location context. If a particular location context has been configured to require a specific set of cipher suites, then a client will be able to access that location using any cipher suite allowed by the virtual host configuration.

low: Environment variable expansion flaw CAN-2004-0747

The Swedish IT Incident Centre (SITIC) reported a buffer overflow in the expansion of environment variables during configuration file parsing. This issue could allow a local user to gain the privileges of an httpd child if a server can be forced to parse a carefully crafted .htaccess file written by a local user.

low: Malicious SSL proxy can cause crash CAN-2004-0751

An issue was discovered in the mod_ssl module in Apache 2.0.44-2.0.50 which could be triggered if the server is configured to allow proxying to a remote SSL server. A malicious remote SSL server could force an httpd child process to crash by sending a carefully crafted response header. This issue is not believed to allow execution of arbitrary code and will only result in a denial of service where a threaded process model is in use.

low: WebDAV remote crash CAN-2004-0809

An issue was discovered in the mod_dav module which could be triggered for a location where WebDAV authoring access has been configured. A malicious remote client which is authorized to use the LOCK method could force an httpd child process to crash by sending a particular sequence of LOCK requests. This issue does not allow execution of arbitrary code and will only result in a denial of service where a threaded process model is in use.


This feature brought to you by: Mark J Cox