Description

The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.

Remediation

References

CVE-2014-0098

Related Vulnerabilities

Microsoft SQL Server CVE-2023-21704 Vulnerability (CVE-2023-21704)

WordPress Plugin HandL UTM Grabber Security Bypass (2.6.4)

WordPress 4.1.x PHP Object Injection (4.1 - 4.1.32)

SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-1450)

WordPress Plugin Yes/No Chart SQL Injection (1.0.11)

Severity

Medium

Classification

CVE-2014-0098

Tags

Missing Update Known Vulnerabilities