Apache Httpd < 2.2.14: mod_proxy_ftp DoS

2009-09-04T00:00:00
ID HTTPD:CC8913BFA5F23A87E08D0E9328F2960A
Type httpd
Reporter Apache Team Foundation
Modified 2009-10-05T00:00:00

Description

A NULL pointer dereference flaw was found in the mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service.