Apache – CVE-2013-2249

Description

Kayran has detected a flaw in the version of Apache HTTP Server being used.
This vulnerability could lead to a denial of service attack. Also known as CVE-2013-2249.

A flaw in mod_session_dbd makes a denial of service possible.
The program doesn’t release or doesn’t properly release a certain resource and proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID.
This could impact the confidentiality, integrity, and availability of resources, and could open other remote attack vectors.

Severity/Score

CVSS Version 2.0 – 7.5 High

Recommendation

To fix CVE-2013-2249, upgrade Apache HTTP Server to version 2.4.6.
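
A host-side check for whether this recommendation applies, as an added example (not Kayran's or the Apache project's code): it reads the output of `httpd -v` and `httpd -M` and reports whether mod_session_dbd is loaded on a build older than 2.4.6. The function names and sample output are constructed for illustration, and it assumes the module is listed as `session_dbd_module`.

```shell
#!/bin/sh
# Added example: decide from `httpd -v` / `httpd -M` output whether the
# recommendation applies. Function names and sample output are constructed.
FIXED_VERSION="2.4.6"   # fix version from the recommendation

# Pull "2.4.4" out of "Server version: Apache/2.4.4 (Unix)".
parse_httpd_version() {
    printf '%s\n' "$1" |
        sed -n 's|^Server version: Apache/\([0-9][0-9.]*\).*|\1|p' | head -n 1
}

# Succeed when dotted version $1 is strictly lower than $2 (numeric per field).
version_lt() {
    [ "$1" = "$2" ] && return 1
    lowest=$(printf '%s\n%s\n' "$1" "$2" |
        sort -t. -k1,1n -k2,2n -k3,3n | head -n 1)
    [ "$lowest" = "$1" ]
}

# Succeed when the module list contains session_dbd_module (mod_session_dbd).
has_session_dbd() {
    printf '%s\n' "$1" | grep -Eq '^[[:space:]]*session_dbd_module[[:space:]]'
}

# $1 = `httpd -v` output, $2 = `httpd -M` output; prints one verdict word.
assess() {
    ver=$(parse_httpd_version "$1")
    if [ -z "$ver" ]; then echo "unknown-version"; return 0; fi
    # The flaw is in mod_session_dbd, so a server without it is reported apart.
    if ! has_session_dbd "$2"; then echo "module-not-loaded"; return 0; fi
    if version_lt "$ver" "$FIXED_VERSION"; then
        echo "upgrade-required"
    else
        echo "fixed"
    fi
}

# Constructed sample output; on a real host use: assess "$(httpd -v)" "$(httpd -M)"
SAMPLE_V='Server version: Apache/2.4.4 (Unix)
Server built:   Jan  1 2013 00:00:00'
SAMPLE_M='Loaded Modules:
 core_module (static)
 session_module (shared)
 session_dbd_module (shared)'
assess "$SAMPLE_V" "$SAMPLE_M"
```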

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2249
