Description

The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).

Remediation

References

CVE-2009-1891

Related Vulnerabilities

PHP Out-of-bounds Read Vulnerability (CVE-2015-2326)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9479)

Oracle Database Server CVE-2012-1708 Vulnerability (CVE-2012-1708)

WordPress Plugin Eshop Magic Arbitrary File Disclosure (0.1)

MySQL CVE-2019-3018 Vulnerability (CVE-2019-3018)

Severity

High

Classification

CVE-2009-1891 CWE-400

Tags

Missing Update Known Vulnerabilities