2 matches found
httpd: mod_proxy_fcgi handle_headers() buffer over read
A buffer overflow flaw was found in modproxyfcgi's handleheaders function. A malicious FastCGI server that httpd is configured to connect to could send a carefully crafted response that would cause an httpd child process handling the request to crash...
Amazon Linux AMI : httpd24 (ALAS-2015-483)
modlua.c in the modlua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access...