Apache – CVE-2014-0231

Description

Kayran has detected that the version of Apache HTTP Server being used is vulnerable to a Resource Management Errors vulnerability (CWE-399).
The CVE-2014-0231 is caused due to improper management of system resources.

The mod_cgid module in the version of Apache HTTP Server being used does not have a timeout mechanism.
An attacker could cause child processes to hang indefinitely which leads to a denial of service (by enacting a “process hang”) via a request to a CGI script that does not read from its stdin file descriptor.

This will cause a decrease in performance and also for interruptions in the availability of resources.

Recommendation

To fix CVE-2014-0231, upgrade the version of Apache HTTP Server being used to either 2.2.29 or 2.4.10 (and higher than 2.4.10)

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231

https://cwe.mitre.org/data/definitions/399.html

< Return to all Vulnerabilities

HTTP VS. HTTPS

You must have once wondered what HTTP means and what is the difference between that ugly word to HTTPS, and if not, then please read

Read More »

Exposing the GIT

Let’s start with defining the meaning of GIT. GIT – is an open-source system which we use as a tool to store data and information

Read More »

HAR Files

In this article, I’ll talk and explain about HAR Files, so if you don’t know what they are, or, what do we use them for,

Read More »

The Dark Web

Let’s talk about the darker and more mysterious side of the internet, also known as The Dark Web. You’ve probably heard about it, whether it’s

Read More »