CVE-2014-0117

Priority
Medium
Description
The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a
reverse proxy is enabled, allows remote attackers to cause a denial of
service (child-process crash) via a crafted HTTP Connection header.
References
Notes
 mdeslar> PoC: http://seclists.org/fulldisclosure/2014/Jul/117
Assigned-to
mdeslaur
Package
Upstream:released (2.4.10)
Ubuntu 14.04 LTS (Trusty Tahr):released (2.4.7-1ubuntu4.1)
Patches:
Upstream:http://svn.apache.org/viewvc?view=revision&revision=1610737 (2.4.x)
More Information

Updated: 2017-08-11 23:51:35 UTC (commit 13081)