WEB APPLICATION VULNERABILITIES Standard & Premium

Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2009-3094)

Description

The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command.

Remediation

References

Related Vulnerabilities

Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-23498)

WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.4)

Apache Tomcat Insecure Default Initialization of Resource Vulnerability (CVE-2018-8014)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20150)

WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker SQL Injection (7.3.4)

Severity

Low

Classification

CVE-2009-3094 CWE-476

Tags

Missing Update Known Vulnerabilities