Search for vulnerabilities
Vulnerability details: VCID-1qab-7wt4-aaaj
Vulnerability ID VCID-1qab-7wt4-aaaj
Aliases CVE-2003-0189
Summary The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.01308 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.01308 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.01308 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.01308 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.01308 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.01308 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.01308 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.01308 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.01308 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.01308 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.01308 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.01308 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.05274 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.05274 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.05274 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.16257 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
epss 0.206 https://api.first.org/data/v1/epss?cve=CVE-2003-0189
rhbs unspecified https://bugzilla.redhat.com/show_bug.cgi?id=1616996
apache_httpd important https://httpd.apache.org/security/json/CVE-2003-0189.json
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2003-0189
Reference id Reference type URL
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000661
http://marc.info/?l=bugtraq&m=105418115512559&w=2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0189.json
https://api.first.org/data/v1/epss?cve=CVE-2003-0189
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0189
http://secunia.com/advisories/8881
https://exchange.xforce.ibmcloud.com/vulnerabilities/12091
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
http://www.apache.org/dist/httpd/Announcement2.html
http://www.kb.cert.org/vuls/id/479268
http://www.redhat.com/support/errata/RHSA-2003-186.html
http://www.securityfocus.com/bid/7725
1616996 https://bugzilla.redhat.com/show_bug.cgi?id=1616996
cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*
CVE-2003-0189 https://httpd.apache.org/security/json/CVE-2003-0189.json
CVE-2003-0189 https://nvd.nist.gov/vuln/detail/CVE-2003-0189
RHSA-2003:186 https://access.redhat.com/errata/RHSA-2003:186
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2003-0189
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.86319
EPSS Score 0.01308
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.