Check Point Advisories

Update Protection against Apache mod_proxy Interim Responses Denial of Service

Check Point Reference: CPAI-2009-015
Date Published: 9 Jan 2009
Severity: Medium
Last Updated: Thursday 01 January, 2009
Source: Secunia Advisory: SA30621
Industry Reference:CVE-2008-2364
Protection Provided by:
Who is Vulnerable? Apache 2.0.x
Apache 2.2.x
Vulnerability Description A vulnerability has been identified in the popular Web server Apache, specifically in the mod_proxy module. The vulnerability can be exploited to consume large amounts of memory by tricking mod_proxy into sending an overly large number of interim responses to the client. Successful exploitation would result in denial of service. 
Update/Patch AvaliableVisit the SVN repository.
http://svn.apache.org/viewvc/httpd/ht...6154&r2=666153&pathrev=666154

Vulnerability DetailsThe vulnerability is caused by an error in the "ap_proxy_http_process_response()" function when sending interim responses to the client, potentially resulting in a denial of service.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK