10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.012 Low
EPSS
Percentile
85.3%
A buffer overflow was found in the Apache proxy module, mod_proxy, which can be triggered by receiving an invalid Content-Length header. In order to exploit this issue an attacker would need to get an Apache installation that was configured as a proxy to connect to a malicious site. This would cause the Apache child processing the request to crash, although this does not represent a significant Denial of Service attack as requests will continue to be handled by other Apache child processes. This issue may lead to remote arbitrary code execution on some BSD platforms.
CPE | Name | Operator | Version |
---|---|---|---|
apache httpd | eq | 1.3.31 | |
apache httpd | eq | 1.3.29 | |
apache httpd | eq | 1.3.28 | |
apache httpd | eq | 1.3.27 | |
apache httpd | eq | 1.3.26 |