CVE-2005-2970
Apache HTTP Server 2.0.36-2.0.54 - Denial of Service via Worker MPM Memory Leak
Title source: llmDescription
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.
References (28)
Core 28
Core References
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1015093
Broken Link vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2005_28_sr.html
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://www.ubuntu.com/usn/usn-225-1/
Various Sources x_refsource_confirm
http://mail-archives.apache.org/mod_mbox/httpd-cvs/200509.mbox/%3C20051001110218.40692.qmail%40minotaur.apache.org%3E
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2006-0159.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/15762
Broken Link vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2005:233
Not Applicable third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18333
Not Applicable third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17923
Vendor Advisory x_refsource_confirm
http://svn.apache.org/viewcvs?rev=292949&view=rev
Third Party Advisory, VDB Entry vendor-advisory
x_refsource_fedora
http://www.securityfocus.com/archive/1/425399/100/0/threaded
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html
Third Party Advisory vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10043
Not Applicable third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18585
Not Applicable third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18161
Not Applicable third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/16559
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
Scores
EPSS
0.1419
EPSS Percentile
96.1%
Details
CWE
CWE-770
Status
published
Products (11)
apache/http_server
2.0.36 - 2.0.55
canonical/ubuntu_linux
4.10
canonical/ubuntu_linux
5.04
canonical/ubuntu_linux
5.10
fedoraproject/fedora_core
4
redhat/enterprise_linux_desktop
3.0
redhat/enterprise_linux_desktop
4.0
redhat/enterprise_linux_server
3.0
redhat/enterprise_linux_server
4.0
redhat/enterprise_linux_workstation
3.0
... and 1 more
Published
Oct 25, 2005
Tracked Since
Feb 18, 2026