Description

The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.

Remediation

References

CVE-2008-2364

Related Vulnerabilities

Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-29052)

WordPress Plugin SpeakOut! Email Petitions Cross-Site Scripting (2.13.2)

WordPress Plugin Facebook With Login Multiple Vulnerabilities (1.0)

WordPress Plugin AccessPress Social Share includes Backdoor [Only if downloaded via the vendor website] (4.5.5)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-0215)

Severity

Medium

Classification

CVE-2008-2364 CWE-770

Tags

Missing Update Known Vulnerabilities