Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Apache HTTP Server Improper Locking Vulnerability (CVE-2002-1850)

Description

mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script.

Remediation

References

Related Vulnerabilities

WordPress Plugin WangGuard Multiple Vulnerabilities (1.7.2)

Perl Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1487)

WordPress Plugin Kento Post View Counter Multiple Vulnerabilities (2.8)

Pega Infinity Improper Authentication Vulnerability (CVE-2021-27651)

Liferay DXP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2024-25606)

Severity

High

Classification

CVE-2002-1850 CWE-667 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities