CVE-2005-2970
Last modified
CVE-2005-2970 is a vulnerability of currently unknown severity. Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.. EPSS estimates a 14.19% chance of exploitation in the next 30 days.
Description
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Apache | Http Server | >= 2.0.36, < 2.0.55 |
| Canonical | Ubuntu Linux | 4.10 |
| Canonical | Ubuntu Linux | 5.04 |
| Canonical | Ubuntu Linux | 5.10 |
| Redhat | Enterprise Linux Desktop | 3.0 |
| Redhat | Enterprise Linux Desktop | 4.0 |
| Redhat | Enterprise Linux Server | 3.0 |
| Redhat | Enterprise Linux Server | 4.0 |
| Redhat | Enterprise Linux Workstation | 3.0 |
| Redhat | Enterprise Linux Workstation | 4.0 |
| Fedoraproject | Fedora Core | 4 |
References
- http://rhn.redhat.com/errata/RHSA-2006-0159.htmlThird Party Advisory
- http://secunia.com/advisories/16559Not Applicable
- http://secunia.com/advisories/17923Not Applicable
- http://secunia.com/advisories/18161Not Applicable
- http://secunia.com/advisories/18333Not Applicable
- http://secunia.com/advisories/18585Not Applicable
- http://securitytracker.com/id?1015093Broken Link, Third Party Advisory, VDB Entry
- http://svn.apache.org/viewcvs?rev=292949&view=revVendor Advisory
- http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.htmlMailing List, Third Party Advisory
- http://www.securityfocus.com/archive/1/425399/100/0/threadedThird Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/15762Third Party Advisory, VDB Entry
- https://www.ubuntu.com/usn/usn-225-1/Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2006-0159.htmlThird Party Advisory
- http://secunia.com/advisories/16559Not Applicable
- http://secunia.com/advisories/17923Not Applicable
- http://secunia.com/advisories/18161Not Applicable
- http://secunia.com/advisories/18333Not Applicable
- http://secunia.com/advisories/18585Not Applicable
- http://securitytracker.com/id?1015093Broken Link, Third Party Advisory, VDB Entry
- http://svn.apache.org/viewcvs?rev=292949&view=revVendor Advisory
- http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.htmlMailing List, Third Party Advisory
- http://www.securityfocus.com/archive/1/425399/100/0/threadedThird Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/15762Third Party Advisory, VDB Entry
- https://www.ubuntu.com/usn/usn-225-1/Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2005-2970?
How severe is CVE-2005-2970?
How do I fix CVE-2005-2970?
Are you affected by CVE-2005-2970?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST