CVE-2001-1342

Name of the Vulnerable Software and Affected Versions Apache versions prior to 1.3.20

Description A denial of service issue exists where a remote attacker can cause a General Protection Fault (GPF) by submitting a specially crafted HTTP request with a large number of / (slash) or other characters in the URI. This causes certain functions to dereference a null pointer, leading to a denial of service. The issue affects the Win32 and OS2 ports of Apache and can bring up a message box that must be cleared by the operator to resume operation. No means to compromise the server beyond a denial of service have been identified.

Recommendations For Apache versions prior to 1.3.20, update to version 1.3.20 or later to resolve the issue.