The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache http server |
||
canonical ubuntu linux 7.10 |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 6.06 |
||
fedoraproject fedora 9 |
||
fedoraproject fedora 8 |
||
redhat enterprise linux server 5.0 |
||
redhat enterprise linux desktop 3.0 |
||
redhat enterprise linux workstation 5.0 |
||
redhat enterprise linux desktop 4.0 |
||
redhat enterprise linux desktop 5.0 |
||
redhat enterprise linux eus 4.7 |
||
redhat enterprise linux server 4.0 |
||
redhat enterprise linux workstation 4.0 |
||
redhat enterprise linux workstation 3.0 |
||
redhat enterprise linux server 3.0 |
||
redhat enterprise linux eus 5.2 |