The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server prior to 2.4.8 allows remote malicious users to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache http server |
||
oracle secure global desktop 4.71 |
||
oracle http server 12.1.3.0 |
||
oracle secure global desktop 4.63 |
||
oracle http server 12.1.2.0 |
||
oracle http server 11.1.1.7.0 |
||
oracle http server 10.1.3.5.0 |
||
oracle secure global desktop 5.0 |
||
oracle secure global desktop 5.1 |
||
canonical ubuntu linux 13.10 |
||
canonical ubuntu linux 12.10 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 12.04 |