First published: Wed Jun 30 2004(Updated: )
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Trustix Secure Linux | =2.0 | |
Avaya Converged Communications Server | =2.0 | |
Trustix Secure Linux | =1.5 | |
Gentoo Linux | =1.4 | |
Trustix Secure Linux | =2.1 | |
Apache HTTP server | =2.0.47 | |
IBM HTTP Server | =2.0.42.1 | |
Avaya S8300 | =r2.0.0 | |
Apache HTTP server | =2.0.49 | |
IBM HTTP Server | =2.0.42 | |
IBM HTTP Server | =2.0.47.1 | |
Apache HTTP server | =2.0.48 | |
IBM HTTP Server | =2.0.42.2 | |
Avaya S8700 | =r2.0.0 | |
Avaya S8500 | =r2.0.0 | |
IBM HTTP Server | =2.0.47 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.