Description

The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers.

Remediation

References

CVE-2014-3583

Related Vulnerabilities

OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2005-2946)

MySQL CVE-2013-1544 Vulnerability (CVE-2013-1544)

WordPress Plugin IWantOneButton 'updateAJAX.php' SQL Injection (3.0.1)

OpenSSL NULL Pointer Dereference Vulnerability (CVE-2009-1386)

WebLogic CVE-2024-20927 Vulnerability (CVE-2024-20927)

Severity

Medium

Classification

CVE-2014-3583 CWE-119

Tags

Missing Update Known Vulnerabilities