CVE-2009-3094

2009-09-08T18:30:00
ID CVE-2009-3094
Type cve
Reporter cve@mitre.org
Modified 2018-10-10T19:43:00

Description

The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. Per: http://cwe.mitre.org/data/definitions/476.html

'CWE-476: NULL Pointer Dereference'