The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.
http://secunia.com/advisories/12540
https://exchange.xforce.ibmcloud.com/vulnerabilities/17382
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11380
http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml
http://www.novell.com/linux/security/advisories/2004_32_apache2.html
Published: 2004-10-20
Base Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
Severity: Medium