Skip to main content

Apache HTTP Server mod_cache Denial of Service Vulnerability

Last Update Date: 7 Oct 2014 09:19 Release Date: 7 Oct 2014 4402 Views

RISK: Medium Risk

TYPE: Servers - Web Servers

TYPE: Web Servers

A vulnerability has been identified in Apache HTTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to a NULL pointer dereference error within the "cache_merge_headers_out()" function (modules/cache/cache_util.c), which can be exploited to cause a crash via a content-type field with an empty value.


Impact

  • Denial of Service

System / Technologies affected

  • Version 2.4.10

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 2.4.11

Vulnerability Identifier


Source


Related Link