Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 55618

Summary: Apache 2 remote exploit
Product: Gentoo Security Reporter: Kevin Williams <kevwil>
Component: GLSA ErrorsAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: All   
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0493
Whiteboard:
Package list:
Runtime testing required: ---

Description Kevin Williams 2004-06-29 14:10:40 UTC 
Vulnerability CAN-2004-0493 has been announced by its discoverer, before 2.0.50 could be released. It is a remote exploit which allows an attacker to cause the server to allocate increasing amounts of memory until system memory is exhausted or until process limits are reached, depending on the platform and configuration.

This problem will be resolved in 2.0.50. To resolve this problem with 2.0.47, 2.0.48 or 2.0.49, apply the patch at http://www.apache.org/dist/httpd/patches/apply_to_2.0.49/CAN-2004-0493.patch.

The patch has not been tested with earlier releases.
Comment 1 Dan Margolis (RETIRED) gentoo-dev 2004-06-29 14:15:46 UTC 

*** This bug has been marked as a duplicate of 55441 ***