Description

The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).

Remediation

References

CVE-2009-1891

Related Vulnerabilities

Apache Traffic Server Improper Input Validation Vulnerability (CVE-2010-2952)

XWiki Missing Authorization Vulnerability (CVE-2023-41046)

WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Request Forgery (1.22.24)

WordPress Plugin Flamingo Code Injection (1.1)

WordPress Plugin OptionTree Cross-Site Scripting (2.5.3)

Severity

High

Classification

CVE-2009-1891 CWE-400

Tags

Missing Update Known Vulnerabilities