Apache – CVE-2021-26690

Home » Blog » Apache – CVE-2021-26690

Description

Kayran has detected that the version of Apache HTTP Server being used is vulnerable to a NULL Pointer Dereference vulnerability. Also known as CVE-2021-26690.

By using a specially crafted Cookie header handled by mod_session that can cause a NULL pointer dereference that could lead to crashes or an exit.
That may lead to a possible Denial Of Service (DoS) attack against your assets.

This will cause a decrease in performance and also for interruptions in the availability of resources.

Recommendation

To fix CVE-2021-26690, upgrade the version of Apache Server being used to 2.4.48.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690

https://cwe.mitre.org/data/definitions/476.html

< Return to all Vulnerabilities

Your SQL got the I(njection)

We’ve talked about it before right? or am i the only one having a Deja-Vu? Or an SQL Injection? No on likes doctors, or needles,

To serve or not to serve – DoS vs. DDoS

If you’ve heard of the beautiful term called DoS before, great! that’s not it. To the “veterans” among us this term usually attributed to DOS

Cybersecurity – The thinnest security guards you will ever know

I can sit here all day long talking about vulnerabilities, attackers and other scary ways that puts our money and personal data at risk and

The Risks in Web Applications and other scary things…

There are couple of things regarding Risks in Web-Based Applications that you should know, let’s talk about them. When crossing the street, we look at

Quickly! – Incident Response – IR

In the field of information security, one of the most important factors is speed. Quickly! Is the way we must respond to each case individually.

Baby steps – getting into the PT industry

By raising hands please tell me ; WHO LIKES MONEY ? I bet none of you kept his hand low, and that’s fine, we love

WEB APPLICATION VULNERABILITY SCANNER