CVE-2001-1342

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
12/05/2001
Last modified:
03/04/2025

Description

Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:apache:http_server:1.3.12:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.14:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.15:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.16:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.17:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.18:*:win32:*:*:*:*:*
cpe:2.3:a:apache:http_server:1.3.19:*:win32:*:*:*:*:*


References to Advisories, Solutions, and Tools