PT-2002-2572 · Apache · Apache Http Server

Published: 2002-12-31 · Updated: 2024-02-09 · CVE-2002-1850

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Apache versions 2.0.39 through 2.0.40

Description: The issue allows local users and possibly remote attackers to cause a denial of service, resulting in a hang and memory consumption. This occurs when a CGI script sends a large amount of data to stderr, causing a read/write deadlock between httpd and the CGI script.

Recommendations: For Apache versions 2.0.39 and 2.0.40, consider restricting the amount of data that CGI scripts can send to stderr, to prevent the read/write deadlock. As a temporary workaround, consider disabling CGI script functionality until a patch is available.
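The general pattern behind the recommendation, as an added Python sketch (not Apache's code): a parent process reads a child's stdout and stderr pipes together and stores only a capped amount of stderr, so a child that floods stderr never blocks on a full pipe. `run_child`, `STDERR_CAP` and the constructed noisy child are assumptions for illustration, and a POSIX system is assumed.

```python
import os
import selectors
import subprocess
import sys

# Constructed stand-in for a noisy CGI script: writes far more than one pipe
# buffer to stderr first, then a short response on stdout.
NOISY_CHILD = (
    "import sys\n"
    "sys.stderr.write('E' * 300000)\n"
    "sys.stderr.flush()\n"
    "sys.stdout.write('Content-Type: text/plain\\n\\nok\\n')\n"
)

STDERR_CAP = 8192  # assumed policy: bytes of child stderr kept for the log


def run_child(code, stderr_cap=STDERR_CAP, timeout=30.0):
    """Run a child, draining stdout and stderr together so neither pipe fills."""
    proc = subprocess.Popen([sys.executable, "-c", code],
                            stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    sel = selectors.DefaultSelector()
    sel.register(proc.stdout, selectors.EVENT_READ, "out")
    sel.register(proc.stderr, selectors.EVENT_READ, "err")
    out, err, err_seen = bytearray(), bytearray(), 0
    while sel.get_map():
        events = sel.select(timeout)
        if not events:            # child stalled: stop waiting on it
            proc.kill()
            break
        for key, _ in events:
            chunk = os.read(key.fileobj.fileno(), 65536)
            if not chunk:         # EOF on this pipe
                sel.unregister(key.fileobj)
            elif key.data == "out":
                out += chunk
            else:
                # Keep reading so the child never blocks, but store only the cap.
                err_seen += len(chunk)
                err += chunk[:max(0, stderr_cap - len(err))]
    sel.close()
    proc.stdout.close()
    proc.stderr.close()
    return proc.wait(), bytes(out), bytes(err), err_seen
```

A parent that instead read stdout to end-of-file before touching stderr would wait forever on this child, because the child blocks in its stderr write once the pipe buffer is full and never reaches its stdout write.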

Exploit

Fix

DoS

Improper Locking

Weakness Enumeration

Related Identifiers: CVE-2002-1850

Affected Products: Apache Http Server