SERVER-APACHE -- Snort has detected traffic exploiting vulnerabilities in Apache servers.
SERVER-APACHE Apache mod_ssl non-SSL connection to SSL port denial of service attempt
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference. Impact: CVSS base score 5.4 CVSS impact score 6.9 CVSS exploitability score 4.9 confidentialityImpact NONE integrityImpact NONE availabilityImpact NONE Details: Ease of Attack:
No information provided
No public information
No known false positives
Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].
No rule groups
CVE-2005-3357 |
Loading description
|
CVE-2017-3169 |
Loading description
|
©2025 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
