Apache – CVE-2013-2249

Description

Kayran has detected a flaw in the version of Apache HTTP Server being used.
This vulnerability, also known as CVE-2013-2249, could lead to a denial of service attack.

The flaw is in mod_session_dbd, and abusing it makes a denial of service possible.
The module does not release, or does not properly release, a certain resource, and it proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID.
This could impact the confidentiality, integrity, and availability of resources, and may enable other remote attack vectors.

Severity/Score

CVSS Version 2.0 – 7.5 High

Recommendation

To fix CVE-2013-2249, upgrade the version of Apache Server being used to 2.4.6.
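
To confirm whether a host still needs the upgrade, the following added example (not Kayran's or the Apache project's code) parses the output of `httpd -v` and `httpd -M` and reports whether the server is below 2.4.6 with mod_session_dbd loaded. The function names and sample outputs are constructed for illustration, and the check assumes an upstream build, since vendor packages may backport the fix without changing the version string.

```python
import re

FIXED = (2, 4, 6)  # fixed release named in the recommendation above

def parse_version(httpd_v_output):
    """Extract (major, minor, patch) from `httpd -v` output, or None."""
    m = re.search(r"Apache/(\d+)\.(\d+)\.(\d+)", httpd_v_output)
    return tuple(int(g) for g in m.groups()) if m else None

def loaded_modules(httpd_m_output):
    """Return the module identifiers listed by `httpd -M`."""
    mods = set()
    for line in httpd_m_output.splitlines():
        m = re.match(r"\s*(\w+_module)\s+\((?:static|shared)\)", line)
        if m:
            mods.add(m.group(1))
    return mods

def assess(httpd_v_output, httpd_m_output):
    """Classify a host from the two command outputs.

    'fixed'      : version is 2.4.6 or later
    'exposed'    : older version and mod_session_dbd is loaded
    'not-loaded' : older version, but mod_session_dbd is not loaded
    'unknown'    : version string could not be parsed
    """
    version = parse_version(httpd_v_output)
    if version is None:
        return "unknown"
    if version >= FIXED:
        return "fixed"
    # session_dbd_module is the module identifier of mod_session_dbd
    if "session_dbd_module" in loaded_modules(httpd_m_output):
        return "exposed"
    return "not-loaded"

# Constructed sample outputs (not captured from a real host)
SAMPLE_V_OLD = "Server version: Apache/2.4.4 (Unix)\nServer built:   Mar  1 2013 10:00:00\n"
SAMPLE_V_NEW = "Server version: Apache/2.4.6 (Unix)\nServer built:   Aug  1 2013 10:00:00\n"
SAMPLE_M_DBD = ("Loaded Modules:\n core_module (static)\n dbd_module (shared)\n"
                " session_module (shared)\n session_dbd_module (shared)\n")
SAMPLE_M_PLAIN = "Loaded Modules:\n core_module (static)\n mpm_event_module (shared)\n"

if __name__ == "__main__":
    print(assess(SAMPLE_V_OLD, SAMPLE_M_DBD))    # older build, module loaded
    print(assess(SAMPLE_V_OLD, SAMPLE_M_PLAIN))  # older build, module absent
    print(assess(SAMPLE_V_NEW, SAMPLE_M_DBD))    # upgraded build
```

A result of `not-loaded` still means the server is below the recommended version; it only indicates that the affected module is not active in the current configuration.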

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2249
