VulnerableCode Package Details - pkg:rpm/redhat/httpd@2.0.46-40?arch=ent

Search for packages

Vulnerability	Summary	Fixed by
VCID-76s2-26cr-syd1 Aliases: CVE-2004-0809	An issue was discovered in the mod_dav module which could be triggered for a location where WebDAV authoring access has been configured. A malicious remote client which is authorized to use the LOCK method could force an httpd child process to crash by sending a particular sequence of LOCK requests. This issue does not allow execution of arbitrary code. and will only result in a denial of service where a threaded process model is in use.	There are no reported fixed by versions.
VCID-f8n9-ampd-yyah Aliases: CVE-2004-0751	An issue was discovered in the mod_ssl module in Apache 2.0.44-2.0.50 which could be triggered if the server is configured to allow proxying to a remote SSL server. A malicious remote SSL server could force an httpd child process to crash by sending a carefully crafted response header. This issue is not believed to allow execution of arbitrary code and will only result in a denial of service where a threaded process model is in use.	There are no reported fixed by versions.
VCID-fq9j-uewn-q7h7 Aliases: CVE-2004-0747	A buffer overflow was found in the expansion of environment variables during configuration file parsing. This issue could allow a local user to gain the privileges of a httpd child if a server can be forced to parse a carefully crafted .htaccess file written by a local user.	There are no reported fixed by versions.
VCID-g1jc-8vza-u3ad Aliases: CVE-2004-0786	Testing using the Codenomicon HTTP Test Tool performed by the Apache Software Foundation security group and Red Hat uncovered an input validation issue in the IPv6 URI parsing routines in the apr-util library. If a remote attacker sent a request including a carefully crafted URI, an httpd child process could be made to crash. One some BSD systems it is believed this flaw may be able to lead to remote code execution.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-76s2-26cr-syd1
Aliases:
CVE-2004-0809

An issue was discovered in the mod_dav module which could be triggered for a location where WebDAV authoring access has been configured. A malicious remote client which is authorized to use the LOCK method could force an httpd child process to crash by sending a particular sequence of LOCK requests. This issue does not allow execution of arbitrary code. and will only result in a denial of service where a threaded process model is in use.

There are no reported fixed by versions.

VCID-f8n9-ampd-yyah
Aliases:
CVE-2004-0751

An issue was discovered in the mod_ssl module in Apache 2.0.44-2.0.50 which could be triggered if the server is configured to allow proxying to a remote SSL server. A malicious remote SSL server could force an httpd child process to crash by sending a carefully crafted response header. This issue is not believed to allow execution of arbitrary code and will only result in a denial of service where a threaded process model is in use.

There are no reported fixed by versions.

VCID-fq9j-uewn-q7h7
Aliases:
CVE-2004-0747

A buffer overflow was found in the expansion of environment variables during configuration file parsing. This issue could allow a local user to gain the privileges of a httpd child if a server can be forced to parse a carefully crafted .htaccess file written by a local user.

There are no reported fixed by versions.

VCID-g1jc-8vza-u3ad
Aliases:
CVE-2004-0786

Testing using the Codenomicon HTTP Test Tool performed by the Apache Software Foundation security group and Red Hat uncovered an input validation issue in the IPv6 URI parsing routines in the apr-util library. If a remote attacker sent a request including a carefully crafted URI, an httpd child process could be made to crash. One some BSD systems it is believed this flaw may be able to lead to remote code execution.

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T15:00:50.809253+00:00	RedHat Importer	Affected by	VCID-76s2-26cr-syd1	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0809.json	38.0.0
2026-04-01T15:00:50.751361+00:00	RedHat Importer	Affected by	VCID-g1jc-8vza-u3ad	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0786.json	38.0.0
2026-04-01T15:00:50.644086+00:00	RedHat Importer	Affected by	VCID-f8n9-ampd-yyah	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0751.json	38.0.0
2026-04-01T15:00:50.622314+00:00	RedHat Importer	Affected by	VCID-fq9j-uewn-q7h7	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0747.json	38.0.0