Apache – CVE-2014-0226

Description

Cytrix has detected that the version of Apache HTTP Server in use is vulnerable to the ‘mod_status buffer overflow’.
CVE-2014-0226 is categorized as a ‘Concurrent Execution using Shared Resource with Improper Synchronization’ vulnerability (CWE-362). A race condition was found in mod_status.

A ‘race condition’ in mod_status allows remote attackers to initiate Denial of Service (DoS) attacks through a heap-based buffer overflow against your assets.
This could also allow attackers to obtain sensitive credential information or to execute arbitrary code.
They do so via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.

Exploitation will lead to information being disclosed, assisting attackers in performing attacks against your assets.
It will also cause a decrease in performance and interruptions in the availability of resources. There’s a chance that this vulnerability will allow attackers to modify system files and information.

Recommendation

To fix CVE-2014-0226, upgrade the version of Apache HTTP Server being used to either 2.2.29 or 2.4.10.
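To check a host against this recommendation, the following added example (not Cytrix's or Apache's own code) compares the version reported by `httpd -v` with the fixed release for its branch and looks for the two modules named above in `apachectl -M` output. The sample outputs are constructed, and treating branches other than 2.2 and 2.4 as "unknown" is an assumption of this example.

```python
import re

# Fixed releases from the Recommendation, keyed by (major, minor) branch.
FIXED = {(2, 2): (2, 2, 29), (2, 4): (2, 4, 10)}
# Modules containing the functions the advisory names (mod_status, mod_lua).
AFFECTED_MODULES = {"status_module", "lua_module"}
VERSION_RE = re.compile(r"Apache/(\d+)\.(\d+)\.(\d+)")

# Constructed sample input, shaped like `httpd -v` and `apachectl -M` output.
SAMPLE_VERSION = "Server version: Apache/2.4.9 (Unix)"
SAMPLE_MODULES = """Loaded Modules:
 core_module (static)
 status_module (shared)
 ssl_module (shared)
"""

def parse_version(text):
    """Return (major, minor, patch) from an Apache/x.y.z string, or None."""
    m = VERSION_RE.search(text)
    return tuple(int(g) for g in m.groups()) if m else None

def loaded_affected_modules(modules_output):
    """Return the affected modules that appear in the loaded-module list."""
    names = {line.split()[0] for line in modules_output.splitlines() if line.split()}
    return sorted(names & AFFECTED_MODULES)

def assess(version_text, modules_output):
    """Classify a host as ok / upgrade / unknown for CVE-2014-0226."""
    version = parse_version(version_text)
    if version is None:
        return "unknown: no Apache/x.y.z version found"
    fixed = FIXED.get(version[:2])
    if fixed is None:
        return "unknown: branch %d.%d has no fixed release in the advisory" % version[:2]
    if version >= fixed:
        return "ok: %d.%d.%d is at or above the fixed release" % version
    mods = loaded_affected_modules(modules_output)
    detail = "loaded: " + ", ".join(mods) if mods else "no affected module loaded"
    return "upgrade: below %d.%d.%d (%s)" % (fixed + (detail,))

if __name__ == "__main__":
    print(assess(SAMPLE_VERSION, SAMPLE_MODULES))
```

Distribution packages often backport security fixes without changing the upstream version number, so confirm an "upgrade" result on a vendor-packaged build against the vendor's own advisory.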

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226

https://cwe.mitre.org/data/definitions/362.html
