Описание
mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script.
Ссылки
- Broken Link
- Issue Tracking
- Issue TrackingPatch
- Mailing List
- ExploitMailing ListThird Party Advisory
- Broken LinkPatchThird Party AdvisoryVDB Entry
- Broken LinkPatch
- Broken LinkExploitThird Party AdvisoryVDB Entry
- Broken LinkPatchThird Party AdvisoryVDB Entry
- Broken Link
- Issue Tracking
- Issue TrackingPatch
- Mailing List
- ExploitMailing ListThird Party Advisory
- Broken LinkPatchThird Party AdvisoryVDB Entry
- Broken LinkPatch
- Broken LinkExploitThird Party AdvisoryVDB Entry
- Broken LinkPatchThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.03015
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-667
Связанные уязвимости
CVSS3: 7.5
debian
больше 22 лет назад
mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly re ...
CVSS3: 7.5
github
больше 3 лет назад
mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script.
EPSS
Процентиль: 86%
0.03015
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-667