Description

The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used.

Remediation

References

CVE-2003-0189

Related Vulnerabilities

WordPress Plugin WP Super Cache Cross-Site Scripting (1.4.2)

phpMyFAQ Misinterpretation of Input Vulnerability (CVE-2023-0880)

Oracle Database Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-6065)

WordPress Plugin All Video Gallery 'vid' Parameter Multiple SQL Injection Vulnerabilities (1.1)

Grafana CVE-2022-39201 Vulnerability (CVE-2022-39201)

Severity

Medium

Classification

CVE-2003-0189

Tags

Missing Update Known Vulnerabilities