Apache – CVE-2020-13950

Description

Cytrix has detected that the version of Apache HTTP Server in use is vulnerable to a NULL pointer dereference in ‘mod_proxy_http’.

CVE-2020-13950 is categorized as a ‘NULL Pointer Dereference’ vulnerability (CWE-476).
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid but that is actually NULL.
This will probably cause a crash or an exit.

NULL pointer dereference issues can occur through a number of flaws, including race conditions and simple programming omissions.

Attackers could cause ‘mod_proxy_http’ to crash (via NULL pointer dereference) by crafting requests that use both Content-Length and Transfer-Encoding headers, which could lead to a Denial of Service (DoS).

The result could be a decrease in performance and interruptions in the availability of resources.

Recommendation

To fix CVE-2020-13950, upgrade the version of Apache HTTP Server being used to 2.4.48.
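
The two checks this advisory implies are sketched below as an added example (not Cytrix or Apache code): whether a server banner reports a release older than the fixed 2.4.48, and whether a captured request head carries both Content-Length and Transfer-Encoding. The function names and sample inputs are constructed for illustration.

```python
import re

FIXED = (2, 4, 48)  # fixed release named in the Recommendation above

def below_fixed_release(banner):
    """True if the banner's Apache version is older than FIXED, False if not,
    None when the banner exposes no version (e.g. ServerTokens Prod)."""
    m = re.search(r"Apache/(\d+)\.(\d+)\.(\d+)", banner)
    if not m:
        return None
    return tuple(int(part) for part in m.groups()) < FIXED

def header_names(raw_head):
    """Lower-cased field names from a raw HTTP/1.1 request head (bytes)."""
    head = raw_head.split(b"\r\n\r\n", 1)[0]
    names = []
    for line in head.split(b"\r\n")[1:]:      # skip the request line
        if line[:1] in (b" ", b"\t"):         # folded continuation, not a new field
            continue
        name, sep, _ = line.partition(b":")
        if sep:
            names.append(name.strip().decode("latin-1").lower())
    return names

def has_cl_and_te(raw_head):
    """True when a request declares both framing headers at once."""
    names = header_names(raw_head)
    return "content-length" in names and "transfer-encoding" in names

# Constructed sample inputs (not taken from real traffic).
SAMPLES = {
    "normal": b"POST /app HTTP/1.1\r\nHost: example.test\r\n"
              b"Content-Length: 5\r\n\r\nhello",
    "both": b"POST /app HTTP/1.1\r\nHost: example.test\r\n"
            b"Content-Length: 5\r\nTransfer-Encoding: chunked\r\n\r\n",
}

if __name__ == "__main__":
    for banner in ("Apache/2.4.46 (Unix)", "Apache/2.4.48 (Debian)", "Apache"):
        print(banner, "->", below_fixed_release(banner))
    for label, raw in SAMPLES.items():
        print(label, "->", "flag" if has_cl_and_te(raw) else "ok")
```

Distribution packages can backport the fix without changing the reported version, so treat a banner match as a prompt to check the vendor's package changelog, not as proof of exposure.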

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13950

https://cwe.mitre.org/data/definitions/476.html
