CVE-2003-0189 — MEDIUM severity vulnerability (The authentication module for Apache 2.0.40 through 2.0.45 o)
The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used.
| CVE ID | CVE-2003-0189 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 5.0 |
| CVSS vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2003-06-09 |
| Last modified | 2026-04-16 |
| Description | The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →