Apache Httpd < 2.0.64: mod_dav DoS

ID HTTPD:76062FEF19DB1674A0B8B62507DED4B9
Type httpd
Reporter Mark Drayton.
Modified 2010-10-19T00:00:00


A flaw was found in the handling of requests by mod_dav. A malicious remote attacker could send a carefully crafted request and cause a httpd child process to crash. This crash would only be a denial of service if using the worker MPM. This issue is further mitigated as mod_dav is only affected by requests that are most likely to be authenticated.