Description

The cache_invalidate function in modules/cache/cache_storage.c in the mod_cache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is enabled, allows remote HTTP servers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger a missing hostname value.

Remediation

References

CVE-2013-4352

Related Vulnerabilities

Liferay DXP Deserialization of Untrusted Data Vulnerability (CVE-2020-15842)

Family Connections Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-5130)

Nginx Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9516)

TYPO3 Improper Input Validation Vulnerability (CVE-2013-7079)

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1950)

Severity

Medium

Classification

CVE-2013-4352

Tags

Missing Update Known Vulnerabilities