IBM HTTP Server Mod_proxy Interim Responses DoS Vulnerability Network Vulnerability

Summary

This host is running IBM HTTP Server, which is prone to Denial of Service Vulnerability.

Impact

A remote/local user can cause denial of service Impact Level : Application

Solution

Update to Fix Pack 19 http://www-01.ibm.com/support/docview.wss?uid=swg27008517 ***** NOTE : Ignore this warning if above mentioned patch is applied already. *****

Insight

Issue is due to an error in the ap_proxy_http_process_response() function in mod_proxy_http.c in the mod_proxy module when processing large number of interim responses to the client, which could consume all available memory resources.

Affected

IBM HTTP Server versions prior to 6.1.0.19.

References

http://secunia.com/Advisories/31904/
http://www-01.ibm.com/support/docview.wss?rs=177&context=SSEQTJ&uid=swg21173021
http://xforce.iss.net/xforce/xfdb/42987

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-2364
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Apache Connection Blocking Denial of Service
Firefox XUL Parsing Denial of Service Vulnerability (Win)
FreeType Memory Corruption and Buffer Overflow Vulnerabilities (Windows)
Comodo Internet Security Denial of Service Vulnerability July 13
ClamAV Prior to 0.96.5 Multiple Vulnerabilities

IBM HTTP Server mod_proxy Interim Responses DoS Vulnerability

Take action and discover your vulnerabilities