CVE - CVE-2005-3357

CVE-ID
CVE-2005-3357	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1015447 URL:http://securitytracker.com/id?1015447 MISC:102640 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-26-102640-1~~ (Obsolete source) MISC:102662 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1~~ (Obsolete source) MISC:16152 URL:http://www.securityfocus.com/bid/16152 MISC:18307 URL:http://secunia.com/advisories/18307 MISC:18333 URL:http://secunia.com/advisories/18333 MISC:18339 URL:http://secunia.com/advisories/18339 MISC:18340 URL:http://secunia.com/advisories/18340 MISC:18429 URL:http://secunia.com/advisories/18429 MISC:18517 URL:http://secunia.com/advisories/18517 MISC:18585 URL:http://secunia.com/advisories/18585 MISC:18743 URL:http://secunia.com/advisories/18743 MISC:19012 URL:http://secunia.com/advisories/19012 MISC:20060101-01-U URL:ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U MISC:21848 URL:http://secunia.com/advisories/21848 MISC:22233 URL:http://secunia.com/advisories/22233 MISC:22368 URL:http://secunia.com/advisories/22368 MISC:22523 URL:http://secunia.com/advisories/22523 MISC:22669 URL:http://secunia.com/advisories/22669 MISC:22992 URL:http://secunia.com/advisories/22992 MISC:23260 URL:http://secunia.com/advisories/23260 MISC:29849 URL:http://secunia.com/advisories/29849 MISC:30430 URL:http://secunia.com/advisories/30430 MISC:ADV-2006-0056 URL:~~http://www.vupen.com/english/advisories/2006/0056~~ (Obsolete source) MISC:ADV-2006-3920 URL:~~http://www.vupen.com/english/advisories/2006/3920~~ (Obsolete source) MISC:ADV-2006-3995 URL:~~http://www.vupen.com/english/advisories/2006/3995~~ (Obsolete source) MISC:ADV-2006-4207 URL:~~http://www.vupen.com/english/advisories/2006/4207~~ (Obsolete source) MISC:ADV-2006-4300 URL:~~http://www.vupen.com/english/advisories/2006/4300~~ (Obsolete source) MISC:ADV-2006-4868 URL:~~http://www.vupen.com/english/advisories/2006/4868~~ (Obsolete source) MISC:ADV-2008-1246 URL:~~http://www.vupen.com/english/advisories/2008/1246/references~~ (Obsolete source) MISC:ADV-2008-1697 URL:~~http://www.vupen.com/english/advisories/2008/1697~~ (Obsolete source) MISC:APPLE-SA-2008-05-28 URL:http://lists.apple.com/archives/security-announce/2008//May/msg00001.html MISC:FEDORA-2006-052 URL:http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html MISC:FLSA-2006:175406 URL:http://www.securityfocus.com/archive/1/425399/100/0/threaded MISC:GLSA-200602-03 URL:http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml MISC:HPSBMA02328 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449 MISC:HPSBOV02683 URL:http://marc.info/?l=bugtraq&m=130497311408250&w=2 MISC:HPSBUX02145 URL:http://www.securityfocus.com/archive/1/445206/100/0/threaded MISC:HPSBUX02172 URL:http://www.securityfocus.com/archive/1/450315/100/0/threaded MISC:RHSA-2006:0159 URL:http://rhn.redhat.com/errata/RHSA-2006-0159.html MISC:SSRT061202 URL:http://www.securityfocus.com/archive/1/445206/100/0/threaded MISC:SSRT061269 URL:http://www.securityfocus.com/archive/1/450315/100/0/threaded MISC:SSRT071293 URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449 MISC:SSRT090208 URL:http://marc.info/?l=bugtraq&m=130497311408250&w=2 MISC:SUSE-SR:2006:004 URL:http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html MISC:SuSE-SA:2006:051 URL:https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html MISC:TA08-150A URL:http://www.us-cert.gov/cas/techalerts/TA08-150A.html MISC:TSLSA-2005-0074 URL:~~http://www.trustix.org/errata/2005/0074/~~ (Obsolete source - check if archived by the Wayback Machine) MISC:USN-241-1 URL:http://www.ubuntulinux.org/usn/usn-241-1 MISC:[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html URL:https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E MISC:[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html URL:https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E MISC:[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html URL:https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E MISC:[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html URL:https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E MISC:[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ URL:https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E MISC:[httpd-cvs] 20210330 svn commit: r1073139 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ URL:https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E MISC:[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html URL:https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E MISC:[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/ URL:https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E MISC:[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ URL:https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E MISC:[httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ URL:https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E MISC:[httpd-cvs] 20210330 svn commit: r1888194 [4/13] - /httpd/site/trunk/content/security/json/ URL:https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E MISC:[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html URL:https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E MISC:[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html URL:https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E MISC:[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html URL:https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E MISC:[httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html URL:https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E MISC:[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html URL:https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E MISC:http://issues.apache.org/bugzilla/show_bug.cgi?id=37791 URL:http://issues.apache.org/bugzilla/show_bug.cgi?id=37791 MISC:http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm URL:http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm MISC:http://svn.apache.org/viewcvs?rev=358026&view=rev URL:http://svn.apache.org/viewcvs?rev=358026&view=rev MISC:http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 URL:http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 MISC:oval:org.mitre.oval:def:11467 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11467
Assigning CNA
Red Hat, Inc.
Date Record Created
20051027	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20051027)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)