Apache – CVE-2007-6422

Description

Kayran has detected that the Version of Apache HTTP Server being used has a Resource Management Error (CWE-399).
Weaknesses in this category are related to improper management of system resources.

Also known as CVE-2007-6422.

Remote authenticated users could abuse the fact that the balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is being used used.
That, will allow them to cause a Denial of Service (child process crashes) via an invalid bb variable.
This will cause a decrease in performance and also for interruptions in the availability of resources.

Recommendation

To fix CVE-2007-6422, upgrade the version of Apache HTTP Server being used to 2.2.8.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422

https://cwe.mitre.org/data/definitions/399.html

< Return to all Vulnerabilities

Passwords 101

Unlike basketballs, “passwords” are things we don’t want to be passed around, especially in a society built around the idea that “mystery” is appealing. We

Read More »