Summary
This host is running Apache HTTP Server and is prone to a Denial of Service vulnerability.
Impact
Successful exploitation will allow remote attackers to cause a Denial of Service for legitimate users through CPU consumption.
Impact Level: Application
Solution
Fixed in the SVN repository.
http://svn.apache.org/viewvc?view=rev&revision=791454
******
NOTE: Ignore this warning if the above-mentioned patch is already applied.
******
Insight
The flaw is due to an error in the 'mod_deflate' module, which can cause a high CPU load when a client requests large files that are compressed and then disconnects.
Affected
Apache HTTP Server version 2.2.11 and prior
References
Severity
Classification
- CVE: CVE-2009-1891
CVSS Base Score: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C
Related Vulnerabilities
- EMC NetWorker 'nsrexecd' RPC Packet Denial of Service Vulnerability
- Colasoft Capsa Malformed SNMP V1 Packet Remote Denial of Service Vulnerability
- Adobe Reader/Acrobat Denial of Service Vulnerability (May09)
- Dnsmasq Remote Denial of Service Vulnerability
- Asterisk SIP Channel Driver Denial Of Service Vulnerability (Linux)