Description

The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor.

Remediation

References

CVE-2014-0231

Related Vulnerabilities

WordPress Plugin Twitget Cross-Site Request Forgery (3.3.2)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-35653)

Joomla! Core 2.5.x Information Disclosure (2.5.0 - 2.5.9)

WordPress Plugin Tickera-WordPress Event Ticketing Cross-Site Scripting (3.4.8.2)

WordPress Plugin bbPress Like Button SQL Injection (1.5)

Severity

Medium

Classification

CVE-2014-0231

Tags

Missing Update Known Vulnerabilities