Endpoint Vulnerability

Apache Httpd - moderate:mod_status buffer overflow(CVE-2014-0226)

Description

A race condition was found in mod_status. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessible server status page.

Affected Products

Apache Httpd

References

CVE-2014-0226,