| Vulnerability Name: | CVE-2005-2970 (CCN-22858) | ||||||||||||||||
| Assigned: | 2005-10-25 | ||||||||||||||||
| Published: | 2005-10-25 | ||||||||||||||||
| Updated: | 2023-02-13 | ||||||||||||||||
| Summary: | Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections. | ||||||||||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
| ||||||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2005-2970 Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: CCN Type: RHSA-2006-0159 httpd security update Source: secalert@redhat.com Type: Third Party Advisory secalert@redhat.com Source: CCN Type: SA16559 Apache Byte-Range Filter and MPM Worker Denial of Service Vulnerabilities Source: CCN Type: SECTRACK ID: 1015093 Apache Memory Leak in MPM `worker.c` Code May Let Remote Users Deny Service Source: secalert@redhat.com Type: Broken Link, Third Party Advisory, VDB Entry secalert@redhat.com Source: CCN Type: ASA-2006-002 httpd security update (RHSA-2006-0159) Source: CCN Type: Apache-SVN Web site Revision 292949 - Log of /httpd/httpd/branches/2.2.x/server/mpm/worker/worker.c Source: secalert@redhat.com Type: Vendor Advisory secalert@redhat.com Source: CCN Type: IBM PK13230 2.0.47.1: IBM HTTP Server V2.0.47 and V2.0.42 cumulative security e-fix Source: CCN Type: Apache HTTP Server Project Web site Apache HTTP Server 2.0.55 Released Source: secalert@redhat.com Type: Broken Link secalert@redhat.com Source: secalert@redhat.com Type: Broken Link secalert@redhat.com Source: secalert@redhat.com Type: Mailing List, Third Party Advisory secalert@redhat.com Source: secalert@redhat.com Type: Third Party Advisory, VDB Entry secalert@redhat.com Source: CCN Type: BID-15762 Apache MPM Worker.C Denial Of Service Vulnerability Source: secalert@redhat.com Type: Third Party Advisory, VDB Entry secalert@redhat.com Source: CCN Type: USN-225-1 Apache 2 vulnerability Source: XF Type: UNKNOWN apache-multiprocessingcode-dos(22858) Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: Third Party Advisory secalert@redhat.com Source: SUSE Type: SUSE-SR:2005:028 SUSE Security Summary Report Source: secalert@redhat.com Type: Third Party Advisory secalert@redhat.com Source: CCN Type: IBM Systems Support Web site Support for HMC | ||||||||||||||||
| Vulnerable Configuration: | Configuration RedHat 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||
| Oval Definitions | |||||||||||||||||
| |||||||||||||||||
| BACK | |||||||||||||||||