Vulnerabilities

CVE-2013-6438

by Fred · 17/03/2014

The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.

Date published : 2014-03-17

http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html

http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

Similar

Tags: Cybersecurity Alert