IBM HTTP Server 7.0.0.0 < 7.0.0.33 / 8.0.0.0 < 8.0.0.9 / 8.5.0.0 < 8.5.5.2 Buffer Overflow (244199)

The version of IBM HTTP Server running on the remote host is affected by a vulnerability related to Apache HTTP Server. The davxmlgetcdata function in main/util.c in the moddav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which...

Denial Of Service (Dos)

httpd is vulnerable to denial of service. Whitespace characters from CDATA sections are not properly removed in the davxmlgetcdata function in main/util.c, which would allow remote attackers to crash the daemon via a malicious DAV WRITE request...

Apache 2.4.x < 2.4.9 Multiple Vulnerabilities

According to its banner, the version of Apache 2.4.x running on the remote host is a version prior to 2.4.9. It is, therefore, affected by the following vulnerabilities : - A flaw exists with the 'moddav' module that is caused when tracking the length of CDATA that has leading white space. A remo...

KLA10067 DoS vulnerabilities in Apache httpd

Multiple serious vulnerabilities have been found in Apache httpd. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities 1. Vectors related to modlogconfig can be exploited remotely via a specially designed cookie; 2. An improper...

Cross site request forgery (csrf)

The davxmlgetcdata function in main/util.c in the moddav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service daemon crash via a crafted DAV WRITE request...