Apache mod_proxy_fcgi Denial of Service Vulnerability
Last Update Date:
16 Dec 2014 09:33
Release Date:
16 Dec 2014
3959
Views
RISK: Medium Risk
TYPE: Servers - Web Servers
A vulnerability was identified in Apache mod_proxy_fcgi. A remote user can cause denial of service conditions.
A remote FastCGI server can return specially crafted response headers to trigger a buffer overflow in handle_headers() function in 'mod_proxy_fcgi.c' and cause the target Apache server to crash.
Impact
- Denial of Service
System / Technologies affected
- Version 2.4.10
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix (2.4.11-dev).
Vulnerability Identifier
Source
Related Link
Share with