Описание
mod_dav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of service (CPU consumption) in a preforked multi-processing module.
Ссылки
- Third Party AdvisoryUS Government Resource
- Patch
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.39127
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
почти 23 года назад
mod_dav in Apache before 2.0.42 does not properly handle versioning ho ...
github
больше 3 лет назад
mod_dav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of service (CPU consumption) in a preforked multi-processing module.
EPSS
Процентиль: 97%
0.39127
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other