Apache – CVE-2003-0189

Description

Cytrix has detected that the Version of Apache HTTP Server being used might be vulnerable to Denial of Service (DoS). Also known as CVE-2003-0189.

The authentication module for your Apache versions does not properly handle threads safely when using the crypt_r or crypt functions on Unix.
That will allow remote attackers to initiate a Denial of Service attack through failed Basic authentication with valid usernames and passwords when a threaded MPM is being used.

This will cause a decrease in performance and also for interruptions in the availability of resources.

Recommendation

To fix CVE-2003-0189, upgrade the version of Apache HTTP Server being used to 2.0.46 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0189

< Return to all Vulnerabilities

Passwords 101

Unlike basketballs, “passwords” are things we don’t want to be passed around, especially in a society built around the idea that “mystery” is appealing. We

Read More »

Blue Team

We’ve talked about The Red Team before, but what about The Blue Team? How is this group different from the red one? Why would we

Read More »

Active Directory Hacking

What does Active Directory mean? The Active Directory infrastructure is a critical infrastructure in most organizations, and it forms the backbone of the organization’s computing

Read More »