Apache mod_dav and mod_log_config Multiple Vulnerabilities

Last Update Date: 19 Mar 2014 17:19 Release Date: 19 Mar 2014 4042 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Web Servers

TYPE: Web Servers

Two vulnerabilities have been identified in Apache, which can be exploited by a remote user to cause denial of service conditions.

  • A remote user can send specially crafted DAV WRITE requests to trigger a flaw in mod_dav in the processing of spaces within CDATA and cause the target service to crash.
  • A remote user can send a specially crafted cookie value to trigger a flaw in mod_log_config and cause the target service to crash.

Impact

  • Denial of Service

System / Technologies affected

  • Apache versions prior to 2.4.8

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 2.4.9

Vulnerability Identifier

Source

Related Link

Share with

Previous

Google Chrome for Android Multiple Vulnerabilities

18 Mar 2014 4088 Views

Next

OpenSSH AcceptEnv Wildcard Processing Vulnerability

19 Mar 2014 4304 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY