Apache HTTP Server Multiple Vulnerabilities

Last Update Date: 24 Jul 2013 12:43 Release Date: 24 Jul 2013 4005 Views

RISK: High Risk

High Risk

TYPE: Servers - Web Servers

TYPE: Web Servers

Multiple vulnerabilities have been identified in Apache HTTP Server, which can be exploited by attackers to cause a DoS (Denial of Service).

  1. Sending a MERGE request against a URI handled by mod_dav_svn with the source href (sent as part of the request body as XML) pointing to a URI that is not configured for DAV will trigger a segfault.
  2. mod_session_dbd: Make sure that dirty flag is respected when saving sessions, and ensure the session ID is changed each time the session changes. This changes the format of the updatesession SQL statement. Existing configurations must be changed.

Impact

  • Denial of Service

System / Technologies affected

  • Versions prior to 2.4.6

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 2.4.6

Vulnerability Identifier

Source

Related Link

Share with

Previous

IBM WebSphere Message Broker Java Multiple Vulnerabilities

24 Jul 2013 3868 Views

Next

IBM Tivoli Endpoint Manager Multiple Vulnerabilities

26 Jul 2013 4580 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY