CVE-2003-0132 — MEDIUM (5.0)

Q: How severe is CVE-2003-0132?

CVE-2003-0132 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2003-0132?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Http Server.

Vulnerability Description

A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:N/I:N/A:P

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Apache	Http Server	>= 2.0.0, <= 2.0.44

Related Weaknesses (CWE)

CWE-772

References

http://lists.apple.com/mhonarc/security-announce/msg00028.htmlThird Party Advisory
http://marc.info/?l=bugtraq&m=104931360606484&w=2Issue TrackingThird Party Advisory
http://marc.info/?l=bugtraq&m=104982175321731&w=2Issue TrackingThird Party Advisory
http://marc.info/?l=bugtraq&m=104994239010517&w=2Issue TrackingThird Party Advisory
http://marc.info/?l=bugtraq&m=104994309010974&w=2Issue TrackingThird Party Advisory
http://marc.info/?l=bugtraq&m=105001663120995&w=2ExploitIssue TrackingThird Party Advisory
http://marc.info/?l=bugtraq&m=105013378320711&w=2Issue TrackingThird Party Advisory
http://secunia.com/advisories/34920Third Party Advisory
http://secunia.com/advisories/8499Third Party Advisory
http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=205147Broken Link
http://www.idefense.com/advisory/04.08.03.txtThird Party Advisory
http://www.kb.cert.org/vuls/id/206537Third Party AdvisoryUS Government Resource
http://www.redhat.com/support/errata/RHSA-2003-139.htmlThird Party Advisory
http://www.vupen.com/english/advisories/2009/1233Third Party Advisory
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e0593

FAQ

What is CVE-2003-0132?

CVE-2003-0132 is a vulnerability with a CVSS score of 5.0 (MEDIUM). A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes f...

How severe is CVE-2003-0132?

CVE-2003-0132 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2003-0132?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Http Server.