WEB APPLICATION VULNERABILITIES Standard & Premium

Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2008-2364)

Description

The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.

Remediation

References

Related Vulnerabilities

WordPress Plugin 10Web Social Feed for Instagram Security Bypass (1.3.18)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-4408)

WordPress Plugin RSVPMaker SQL Injection (9.2.6)

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-6514)

WordPress Plugin Snazzy Archives Cross-Site Scripting (1.7.1)

Severity

Medium

Classification

CVE-2008-2364 CWE-770

Tags

Missing Update Known Vulnerabilities