PT-2004-1349 · Freebsd+5 · Freebsd+6

Published

2004-03-18

Updated

2024-02-15

CVE-2004-0174

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Apache versions 1.3.x through 1.3.29
Apache versions 1.4.x through 2.0.48

Description

A denial of service issue occurs when a short-lived connection on a rarely-accessed listening socket causes a child to hold the accept mutex and block out new connections until another connection arrives on that rarely-accessed listening socket. This issue affects certain platforms, including some versions of AIX, Solaris, and Tru64, but does not affect FreeBSD or Linux.

Recommendations

For Apache versions 1.3.x through 1.3.29, update to version 1.3.30 or later to resolve the issue. For Apache versions 1.4.x through 2.0.48, update to version 2.0.49 or later to resolve the issue. As a temporary workaround, consider restricting access to rarely-accessed listening sockets to minimize the risk of exploitation.

Fix

DoS

Improper Locking

Weakness Enumeration

Related Identifiers

CVE-2004-0174

Affected Products

Aix
Apache
Apache Http Server
Freebsd
Linux
Solaris
Tru64