CVE-2014-0226

by Fred · 20/07/2014

Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.

Date published : 2014-07-20

http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

http://www.securityfocus.com/bid/68678

CVE-2014-0226

Similar

Recent Posts

Categories

CVE-2014-0226

Share this:

Similar

Recent Posts

Categories

Tags