Rapid7 Vulnerability & Exploit Database

Apache HTTPD: Remote DoS via IPv6 ftp proxy (CVE-2003-0254)

Back to Search

Apache HTTPD: Remote DoS via IPv6 ftp proxy (CVE-2003-0254)

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
08/18/2003
Created
07/25/2018
Added
04/12/2012
Modified
06/06/2013

Description

The affected asset is vulnerable to this vulnerability ONLY if when Apache is configured as an FTP proxy and an attacker can make proxy requests to an FTP server with an IPv6 address. Review your web server configuration for validation. When a client requests that proxy ftp connect to a ftp server with IPv6 address, and the proxy is unable to create an IPv6 socket, an infinite loop occurs causing a remote Denial of Service.

Solution(s)

  • apache-httpd-upgrade-2_0_47

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;