Search for vulnerabilities
Vulnerability details: VCID-sw39-2am9-aaas
Vulnerability ID VCID-sw39-2am9-aaas
Aliases CVE-2004-0809
Summary The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2004:463
epss 0.00878 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.00878 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.00878 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.00878 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.00878 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.00878 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.00878 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.00878 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.00878 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.00878 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.00878 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.00878 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.01190 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.01190 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.01190 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.01190 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.14875 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
epss 0.21194 https://api.first.org/data/v1/epss?cve=CVE-2004-0809
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=1617299
apache_httpd low https://httpd.apache.org/security/json/CVE-2004-0809.json
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2004-0809
Reference id Reference type URL
http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/dav/fs/lock.c?r1=1.32&r2=1.33
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0809.json
https://api.first.org/data/v1/epss?cve=CVE-2004-0809
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0809
https://exchange.xforce.ibmcloud.com/vulnerabilities/17366
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9588
http://www.debian.org/security/2004/dsa-558
http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096
http://www.redhat.com/support/errata/RHSA-2004-463.html
http://www.trustix.org/errata/2004/0047/
1617299 https://bugzilla.redhat.com/show_bug.cgi?id=1617299
cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*
cpe:2.3:a:hp:secure_web_server_for_tru64:4.0_f:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:secure_web_server_for_tru64:4.0_f:*:*:*:*:*:*:*
cpe:2.3:a:hp:secure_web_server_for_tru64:4.0_g:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:secure_web_server_for_tru64:4.0_g:*:*:*:*:*:*:*
cpe:2.3:a:hp:secure_web_server_for_tru64:5.0_a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:secure_web_server_for_tru64:5.0_a:*:*:*:*:*:*:*
cpe:2.3:a:hp:secure_web_server_for_tru64:5.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:secure_web_server_for_tru64:5.1:*:*:*:*:*:*:*
cpe:2.3:a:hp:secure_web_server_for_tru64:5.1_a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:secure_web_server_for_tru64:5.1_a:*:*:*:*:*:*:*
cpe:2.3:a:hp:secure_web_server_for_tru64:5.8.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:secure_web_server_for_tru64:5.8.1:*:*:*:*:*:*:*
cpe:2.3:a:hp:secure_web_server_for_tru64:5.8.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:secure_web_server_for_tru64:5.8.2:*:*:*:*:*:*:*
cpe:2.3:a:hp:secure_web_server_for_tru64:5.9.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:secure_web_server_for_tru64:5.9.1:*:*:*:*:*:*:*
cpe:2.3:a:hp:secure_web_server_for_tru64:5.9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:secure_web_server_for_tru64:5.9.2:*:*:*:*:*:*:*
cpe:2.3:a:hp:secure_web_server_for_tru64:6.3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:secure_web_server_for_tru64:6.3.0:*:*:*:*:*:*:*
cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.23:*:ia64_64-bit:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:hp:hp-ux:11.23:*:ia64_64-bit:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*
cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*
cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*
cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*
cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*
CVE-2004-0809 https://httpd.apache.org/security/json/CVE-2004-0809.json
CVE-2004-0809 https://nvd.nist.gov/vuln/detail/CVE-2004-0809
RHSA-2004:463 https://access.redhat.com/errata/RHSA-2004:463
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2004-0809
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.82929
EPSS Score 0.00878
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.