Versions of Apache HTTP server 2.4.1 to 2.4.4, 2.4.6, 2.4.7, and 2.4.9 are unpatched for the following vulnerabilities:
Memory consumption denial of service in WinNT MPM, which affects installations on the Windows platform (CVE-2014-3523)
Race condition in scoreboard handling, which may potentially result in an exploitable heap buffer overflow (CVE-2014-0226)
Denial of service when the ‘mod_deflate’ module attempts to process highly compressed bodies (CVE-2014-0118)
Denial of service in ‘mod_cgid’ module when certain CGI scripts do not consume standard input and thus linger indefinitely, eventually causing the server to hang (CVE-2014-0231)
Binary data 8343.prm
Vendor | Product | Version | CPE |
---|---|---|---|
apache | http_server | 2.4.6 | cpe:/a:apache:http_server:2.4.6 |