Description

The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header.

Remediation

References

CVE-2014-0117

Related Vulnerabilities

Oracle JRE CVE-2014-2397 Vulnerability (CVE-2014-2397)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2082)

WordPress 4.8.x Directory Traversal (4.8 - 4.8.24)

Drupal Core 8.8.x Remote Code Execution (8.8.0 - 8.8.11)

WordPress Plugin Random Banner Cross-Site Scripting (1.1.2.1)

Severity

Medium

Classification

CVE-2014-0117 CWE-20

Tags

Missing Update Known Vulnerabilities