Apache – CVE-2018-1302

Description

Kayran has detected that the version of Apache HTTP Server being used is vulnerable to a NULL Pointer Dereference vulnerability.
That could happen when an HTTP/2 stream was destroyed after being handled leading to the HTTP Server potentially writing a NULL pointer to an already freed memory. Also known as CVE-2018-1302.

Although it’s classified as low risk, the application dereferences a pointer that it expects to be valid, but is actually NULL, that, could cause crashes or an exit.

Recommendation

To fix CVE-2018-1302, upgrade the version of Apache Server being used to 2.4.33.

References

https://cwe.mitre.org/data/definitions/476.html

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1302

< Return to all Vulnerabilities

SQLI to RCE

How to preform SQLI TO RCE? One of the most interesting and important things about any site is the database. So, it’s important to protect

Read More »

What is Kayran

Kayran scanner is helping all businesses, both SMBs and enterprises, to test their online assets and products for over 9000 vulnerabilities.Kayran’s mission is to make

Read More »

APT vs. ATP

In this article we will talk about APT vs. ATP. In other words, Advanced Persistent Threat and Advanced Threat Protection and the context between these

Read More »