The mod_cgid module in the Apache HTTP Server prior to 2.4.10 does not have a timeout mechanism, which allows remote malicious users to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache http server |