Endpoint Vulnerability

Apache Httpd - low:mod_ssl access control DoS(CVE-2005-3357)


A NULL pointer dereference flaw in mod_ssl was discovered affecting server configurations where an SSL virtual host is configured with access control and a custom 400 error document. A remote attacker could send a carefully crafted request to trigger this issue which would lead to a crash. This crash would only be a denial of service if using the worker MPM.

Affected Products

Apache Httpd