Apache – CVE-2014-0231

Description

Kayran has detected that the version of Apache HTTP Server being used is vulnerable to a Resource Management Errors vulnerability (CWE-399).
The CVE-2014-0231 is caused due to improper management of system resources.

The mod_cgid module in the version of Apache HTTP Server being used does not have a timeout mechanism.
An attacker could cause child processes to hang indefinitely which leads to a denial of service (by enacting a “process hang”) via a request to a CGI script that does not read from its stdin file descriptor.

This will cause a decrease in performance and also for interruptions in the availability of resources.

Recommendation

To fix CVE-2014-0231, upgrade the version of Apache HTTP Server being used to either 2.2.29 or 2.4.10 (and higher than 2.4.10)

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231

https://cwe.mitre.org/data/definitions/399.html

< Return to all Vulnerabilities

HTTP VS. HTTPS

You must have once wondered what HTTP means and what is the difference between that ugly word to HTTPS, and if not, then please read

Read More »

The Dark Web

Let’s talk about the darker and more mysterious side of the internet, also known as The Dark Web. You’ve probably heard about it, whether it’s

Read More »

Blue Team

We’ve talked about The Red Team before, but what about The Blue Team? How is this group different from the red one? Why would we

Read More »