Search for vulnerabilities
Vulnerability details: VCID-atse-ehnv-aaam
Vulnerability ID VCID-atse-ehnv-aaam
Aliases CVE-2004-0942
Summary Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters.
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
rhas Important https://access.redhat.com/errata/RHSA-2004:562
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.81382 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.83214 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.96490 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.96490 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.96490 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.96490 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.96490 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.96490 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.96490 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.96490 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.96490 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.96490 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.96561 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
epss 0.96561 https://api.first.org/data/v1/epss?cve=CVE-2004-0942
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=1617326
apache_httpd important https://httpd.apache.org/security/json/CVE-2004-0942.json
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2004-0942
Reference id Reference type URL
http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/028248.html
http://marc.info/?l=bugtraq&m=110384374213596&w=2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0942.json
https://api.first.org/data/v1/epss?cve=CVE-2004-0942
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0942
http://secunia.com/advisories/19072
https://exchange.xforce.ibmcloud.com/vulnerabilities/17930
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10962
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123
http://www.mandriva.com/security/advisories?name=MDKSA-2004:135
http://www.redhat.com/support/errata/RHSA-2004-562.html
http://www.trustix.org/errata/2004/0061/
http://www.vupen.com/english/advisories/2006/0789
1617326 https://bugzilla.redhat.com/show_bug.cgi?id=1617326
cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
CVE-2004-0942 https://httpd.apache.org/security/json/CVE-2004-0942.json
CVE-2004-0942 https://nvd.nist.gov/vuln/detail/CVE-2004-0942
OSVDB-11391;CVE-2004-0942 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/855.pl
RHSA-2004:562 https://access.redhat.com/errata/RHSA-2004:562
USN-23-1 https://usn.ubuntu.com/23-1/
Data source Exploit-DB
Date added March 3, 2005
Description Apache 2.0.52 - GET Denial of Service
Ransomware campaign use Known
Source publication date March 4, 2005
Exploit type dos
Platform multiple
Source update date July 11, 2017
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2004-0942
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.99125
EPSS Score 0.81382
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.