Rapid7 Vulnerability & Exploit Database

Apache HTTPD: listening socket starvation (CVE-2004-0174)

Back to Search

Apache HTTPD: listening socket starvation (CVE-2004-0174)

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
05/04/2004
Created
07/25/2018
Added
04/12/2012
Modified
02/13/2015

Description

A starvation issue on listening sockets occurs when a short-lived connection on a rarely-accessed listening socket will cause a child to hold the accept mutex and block out new connections until another connection arrives on that rarely-accessed listening socket. This issue is known to affect some versions of AIX, Solaris, and Tru64; it is known to not affect FreeBSD or Linux.

Solution(s)

  • apache-httpd-upgrade-1_3_31
  • apache-httpd-upgrade-2_0_49

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;