QwikSec

Security Database

CVE

CWE

Training

CVE-2002-1850

Published: Jun 28, 2005

Modified: Aug 8, 2024

PUBLISHED

Description

mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_SECTRACK

20020923 Apache 2.0.(39|40) DOS (PHP!)

mailing-list

x_refsource_BUGTRAQ

http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/generators/mod_cgi.c?r1=1.148.2.7&r2=1.148.2.8

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

http://issues.apache.org/bugzilla/show_bug.cgi?id=10515

x_refsource_MISC

apache-stderr-dos(10200)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_BID

[apache-httpd-dev] 20020925 CGI bucket needed

mailing-list

x_refsource_MLIST

http://issues.apache.org/bugzilla/show_bug.cgi?id=22030

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.