VulnerableCode Package Details - pkg:deb/debian/apache2@2.0.51?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-9xwj-xak5-efb3	An issue was discovered in the mod_ssl module in Apache 2.0. A remote attacker who forces an SSL connection to be aborted in a particular state may cause an Apache child process to enter an infinite loop, consuming CPU resources.	CVE-2004-0748
VCID-fq9j-uewn-q7h7	A buffer overflow was found in the expansion of environment variables during configuration file parsing. This issue could allow a local user to gain the privileges of a httpd child if a server can be forced to parse a carefully crafted .htaccess file written by a local user.	CVE-2004-0747
VCID-g1jc-8vza-u3ad	Testing using the Codenomicon HTTP Test Tool performed by the Apache Software Foundation security group and Red Hat uncovered an input validation issue in the IPv6 URI parsing routines in the apr-util library. If a remote attacker sent a request including a carefully crafted URI, an httpd child process could be made to crash. One some BSD systems it is believed this flaw may be able to lead to remote code execution.	CVE-2004-0786

Vulnerability

Summary

Aliases

VCID-9xwj-xak5-efb3

An issue was discovered in the mod_ssl module in Apache 2.0. A remote attacker who forces an SSL connection to be aborted in a particular state may cause an Apache child process to enter an infinite loop, consuming CPU resources.

CVE-2004-0748

VCID-fq9j-uewn-q7h7

A buffer overflow was found in the expansion of environment variables during configuration file parsing. This issue could allow a local user to gain the privileges of a httpd child if a server can be forced to parse a carefully crafted .htaccess file written by a local user.

CVE-2004-0747

VCID-g1jc-8vza-u3ad

Testing using the Codenomicon HTTP Test Tool performed by the Apache Software Foundation security group and Red Hat uncovered an input validation issue in the IPv6 URI parsing routines in the apr-util library. If a remote attacker sent a request including a carefully crafted URI, an httpd child process could be made to crash. One some BSD systems it is believed this flaw may be able to lead to remote code execution.

CVE-2004-0786

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T10:23:12.514302+00:00	Debian Importer	Fixing	VCID-fq9j-uewn-q7h7	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:02:46.931659+00:00	Debian Importer	Fixing	VCID-g1jc-8vza-u3ad	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:02:42.186251+00:00	Debian Importer	Fixing	VCID-9xwj-xak5-efb3	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T06:59:55.279258+00:00	Debian Importer	Fixing	VCID-fq9j-uewn-q7h7	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:44:20.621081+00:00	Debian Importer	Fixing	VCID-g1jc-8vza-u3ad	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:44:18.184019+00:00	Debian Importer	Fixing	VCID-9xwj-xak5-efb3	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-02T17:07:56.750859+00:00	Debian Importer	Fixing	VCID-fq9j-uewn-q7h7	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:06:49.545339+00:00	Debian Importer	Fixing	VCID-g1jc-8vza-u3ad	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:06:48.760632+00:00	Debian Importer	Fixing	VCID-9xwj-xak5-efb3	https://security-tracker.debian.org/tracker/data/json	38.1.0