IBM HTTP Server Mod_proxy Interim Responses DoS Vulnerability Network Vulnerability

Summary

This host is running IBM HTTP Server, which is prone to Denial of Service Vulnerability.

Impact

A remote/local user can cause denial of service Impact Level : Application

Solution

Update to Fix Pack 19 http://www-01.ibm.com/support/docview.wss?uid=swg27008517 ***** NOTE : Ignore this warning if above mentioned patch is applied already. *****

Insight

Issue is due to an error in the ap_proxy_http_process_response() function in mod_proxy_http.c in the mod_proxy module when processing large number of interim responses to the client, which could consume all available memory resources.

Affected

IBM HTTP Server versions prior to 6.1.0.19.

References

http://secunia.com/Advisories/31904/
http://www-01.ibm.com/support/docview.wss?rs=177&context=SSEQTJ&uid=swg21173021
http://xforce.iss.net/xforce/xfdb/42987

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-2364

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Mac OS X)
F-PROT Antivirus Multiple Vulnerabilities
Avahi Denial of Service Vulnerability
Asterisk RTP Text Frames Denial Of Service Vulnerability
Denial Of Service Vulnerability in PHP April-09

IBM HTTP Server mod_proxy Interim Responses DoS Vulnerability

Take action and discover your vulnerabilities