CVE-2004-0751

Name of the Vulnerable Software and Affected Versions Apache 2.x versions 2.0.44 through 2.0.50

Description The issue allows remote attackers to cause a denial of service, resulting in a segmentation fault or crash of an httpd child process. This occurs when the server is configured to allow proxying to a remote SSL server and a malicious remote SSL server sends a carefully crafted response header. The issue is not believed to allow execution of arbitrary code and will only result in a denial of service where a threaded process model is in use.

Recommendations For Apache 2.x versions 2.0.44 through 2.0.50, consider disabling the mod ssl module or restricting its use to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.