| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 6.7 | $0-$5k | 0.00 |
Summary
A vulnerability, which was classified as problematic, was found in Apache HTTP Server. Affected by this issue is some unknown functionality of the component mod_ssl. Executing a manipulation can lead to resource management. This vulnerability appears as CVE-2005-3357. The attack may be performed from remote. There is no available exploit. You should upgrade the affected component.
Details
A vulnerability has been found in Apache HTTP Server (Web Server) and classified as critical. This vulnerability affects some unknown functionality of the component mod_ssl. The manipulation with an unknown input leads to a resource management vulnerability. The CWE definition for the vulnerability is CWE-399. As an impact it is known to affect availability. CVE summarizes:
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.
The weakness was presented 01/06/2006 by keilh as Bug 37791 as not defined bug report (Bugzilla). The advisory is shared for download at issues.apache.org. This vulnerability was named CVE-2005-3357 since 10/27/2005. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. There are neither technical details nor an exploit publicly available.
It is declared as proof-of-concept. The vulnerability scanner Nessus provides a plugin with the ID 20386 (Apache mod_ssl ssl_hook_Access Error Handling DoS), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Web Servers. The commercial vulnerability scanner Qualys is able to test this issue with plugin 165126 (SUSE Security Update for Apache2 (SUSE-SA:2006:051)).
Upgrading eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at apache.org. The best possible mitigation is suggested to be upgrading to the latest version. Attack attempts may be identified with Snort ID 11263. In this case the pattern HTTP/ is used for detection.
The vulnerability is also documented in the databases at X-Force (24008), Tenable (20386), SecurityFocus (BID 16152†), OSVDB (22261†) and Secunia (SA22992†). See VDB-1728, VDB-32667, VDB-32657 and VDB-32290 for similar entries. Once again VulDB remains the best source for vulnerability data.
Product
Type
Vendor
Name
Version
- 2.0
- 2.0.9
- 2.0.28
- 2.0.32
- 2.0.35
- 2.0.36
- 2.0.37
- 2.0.38
- 2.0.39
- 2.0.40
- 2.0.41
- 2.0.42
- 2.0.43
- 2.0.44
- 2.0.45
- 2.0.46
- 2.0.47
- 2.0.48
- 2.0.49
- 2.0.50
- 2.0.51
- 2.0.52
- 2.0.53
- 2.0.54
- 2.0.55
License
Support
- end of life (old version)
Website
- Vendor: https://www.apache.org/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.5VulDB Meta Temp Score: 6.7
VulDB Base Score: 7.5
VulDB Temp Score: 6.7
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Resource managementCWE: CWE-399 / CWE-404
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Proof-of-Concept
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 20386
Nessus Name: Apache mod_ssl ssl_hook_Access Error Handling DoS
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
OpenVAS ID: 855077
OpenVAS Name: Solaris Update for Gnome libs 120461-16
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
Patch: apache.org
Snort ID: 11263
Snort Message: DOS Apache mod_ssl non-SSL connection to SSL port denial of service attempt
Snort Pattern: 🔍
ISS Proventia IPS: 🔍
Timeline
10/27/2005 🔍12/12/2005 🔍
12/31/2005 🔍
12/31/2005 🔍
01/06/2006 🔍
01/06/2006 🔍
01/06/2006 🔍
01/10/2006 🔍
01/10/2006 🔍
01/15/2006 🔍
03/12/2021 🔍
Sources
Vendor: apache.orgAdvisory: Bug 37791
Researcher: keilh
Status: Not defined
Confirmation: 🔍
CVE: CVE-2005-3357 (🔍)
GCVE (CVE): GCVE-0-2005-3357
GCVE (VulDB): GCVE-100-1948
OVAL: 🔍
X-Force: 24008
SecurityFocus: 16152 - Apache Mod_SSL Custom Error Document Remote Denial Of Service Vulnerability
Secunia: 22992 - Avaya CMS Sun Solaris X Display Manager Security Issue, Not Critical
OSVDB: 22261 - Apache HTTP Server mod_ssl ssl_hook_Access Error Handling DoS
SecurityTracker: 1015447 - Apache mod_ssl Null Pointer Dereference May Let Remote Users Deny Service
Vulnerability Center: 10154 - Apache mod_ssl Remote DoS via non-SSL Request to SSL Port, High
Vupen: ADV-2006-3920
See also: 🔍
Entry
Created: 01/10/2006 12:08Updated: 03/12/2021 09:56
Changes: 01/10/2006 12:08 (90), 04/16/2019 15:10 (10), 03/12/2021 09:56 (2)
Complete: 🔍
Cache ID: 216:5E9:103
Once again VulDB remains the best source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.