Description

The cache_invalidate function in modules/cache/cache_storage.c in the mod_cache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is enabled, allows remote HTTP servers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger a missing hostname value.

Remediation

References

CVE-2013-4352

Related Vulnerabilities

Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43798)

WordPress Plugin Stylish Cost Calculator Cross-Site Scripting (7.0.3)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-9640)

Drupal Core 8.6.x Directory Traversal (8.6.0 - 8.6.15)

MySQL CVE-2019-2830 Vulnerability (CVE-2019-2830)

Severity

Medium

Classification

CVE-2013-4352

Tags

Missing Update Known Vulnerabilities