Summary
This host is running Apache HTTP Server and is prone to Denial of Service vulnerability.
Impact
Successful exploitation will allow remote attackers to cause Denial of Service to the legitimate user by CPU consumption.
Impact Level: Application
Solution
Fixed in the SVN repository.
http://svn.apache.org/viewvc?view=rev&revision=790587
Insight
The flaw is due to error in 'stream_reqbody_cl' function in 'mod_proxy_http.c' in the mod_proxy module. When a reverse proxy is configured, it does not properly handle an amount of streamed data that exceeds the Content-Length value via crafted requests.
Affected
Apache HTTP Server version prior to 2.3.3
References
Severity
Classification
-
CVE CVE-2009-1890 -
CVSS Base Score: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C
Related Vulnerabilities