Search for vulnerabilities
Vulnerability details: VCID-1a68-fd5t-aaam
Vulnerability ID VCID-1a68-fd5t-aaam
Aliases CVE-2005-2970
Summary Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-770 Allocation of Resources Without Limits or Throttling
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2006:0159
epss 0.00948 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.00948 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.00948 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.00948 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.00948 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.00948 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.00948 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.00948 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.00948 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.00948 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.00948 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.00948 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.02703 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.02703 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.02703 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.02703 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.08033 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
epss 0.10525 https://api.first.org/data/v1/epss?cve=CVE-2005-2970
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=1617769
apache_httpd low https://httpd.apache.org/security/json/CVE-2005-2970.json
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2005-2970
Reference id Reference type URL
http://mail-archives.apache.org/mod_mbox/httpd-cvs/200509.mbox/%3C20051001110218.40692.qmail%40minotaur.apache.org%3E
http://mail-archives.apache.org/mod_mbox/httpd-cvs/200509.mbox/%3C20051001110218.40692.qmail@minotaur.apache.org%3E
http://rhn.redhat.com/errata/RHSA-2006-0159.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2970.json
https://api.first.org/data/v1/epss?cve=CVE-2005-2970
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2970
http://secunia.com/advisories/16559
http://secunia.com/advisories/17923
http://secunia.com/advisories/18161
http://secunia.com/advisories/18333
http://secunia.com/advisories/18585
http://securitytracker.com/id?1015093
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10043
http://svn.apache.org/viewcvs?rev=292949&view=rev
https://www.ubuntu.com/usn/usn-225-1/
http://www.mandriva.com/security/advisories?name=MDKSA-2005:233
http://www.novell.com/linux/security/advisories/2005_28_sr.html
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html
http://www.securityfocus.com/archive/1/425399/100/0/threaded
http://www.securityfocus.com/bid/15762
1617769 https://bugzilla.redhat.com/show_bug.cgi?id=1617769
340337 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=340337
cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora_core:4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora_core:4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*
CVE-2005-2970 https://httpd.apache.org/security/json/CVE-2005-2970.json
CVE-2005-2970 https://nvd.nist.gov/vuln/detail/CVE-2005-2970
RHSA-2006:0159 https://access.redhat.com/errata/RHSA-2006:0159
USN-225-1 https://usn.ubuntu.com/225-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2005-2970
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.83593
EPSS Score 0.00948
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.