Apache – CVE-2021-26690

Description

Kayran has detected that the version of Apache HTTP Server being used is vulnerable to a NULL Pointer Dereference vulnerability. Also known as CVE-2021-26690.

By using a specially crafted Cookie header handled by mod_session that can cause a NULL pointer dereference that could lead to crashes or an exit.
That may lead to a possible Denial Of Service (DoS) attack against your assets.

This will cause a decrease in performance and also for interruptions in the availability of resources.

Recommendation

To fix CVE-2021-26690, upgrade the version of Apache Server being used to 2.4.48.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690

https://cwe.mitre.org/data/definitions/476.html

< Return to all Vulnerabilities

Crossing Scripts – XSS

Injections. SQL Injections. Cross-site Scripting (hence the amazing title “Crossing Scripts – XSS”). There all sorts of Injection-Based attacks, if you want to read about

Read More »

Bug Bounties

As pirates, we all love plundering, we all love raiding, but mostly, we all love bounties, especially Bug Bounties. Let’s talk about it. Bug Bounties

Read More »