Lucene search

K

6 matches found

CVE
CVE
added 2014/07/20 11:12 a.m.2036 views

CVE-2014-0226

Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard h...

6.8CVSS7AI score0.90647EPSS
CVE
CVE
added 2014/07/20 11:12 a.m.2003 views

CVE-2014-0231

The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor.

5CVSS4.2AI score0.17169EPSS
CVE
CVE
added 2014/07/20 11:12 a.m.1321 views

CVE-2014-0118

The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size...

4.3CVSS6.3AI score0.45051EPSS
CVE
CVE
added 2014/07/20 11:12 a.m.1095 views

CVE-2014-0117

The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header.

4.3CVSS8.6AI score0.52565EPSS
CVE
CVE
added 2014/07/20 11:12 a.m.862 views

CVE-2014-3523

Memory leak in the winnt_accept function in server/mpm/winnt/child.c in the WinNT MPM in the Apache HTTP Server 2.4.x before 2.4.10 on Windows, when the default AcceptFilter is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted requests.

5CVSS6.3AI score0.44449EPSS
CVE
CVE
added 2014/07/20 11:12 a.m.736 views

CVE-2013-4352

The cache_invalidate function in modules/cache/cache_storage.c in the mod_cache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is enabled, allows remote HTTP servers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger a missing hos...

4.3CVSS8.7AI score0.18045EPSS