Description

The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."

Remediation

References

CVE-2013-5704

Related Vulnerabilities

WordPress Plugin Imsanity Unspecified Vulnerability (2.3.3)

WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (1.9.1)

WordPress Plugin Lifeline Donation Security Bypass (1.2.6)

Liferay Portal Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-25143)

MySQL CVE-2019-2581 Vulnerability (CVE-2019-2581)

Severity

Medium

Classification

CVE-2013-5704

Tags

Missing Update Known Vulnerabilities