CVE-2007-6422 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-6422
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-6422

Description: The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/39476 UBUNTU http://www.ubuntu.com/usn/usn-575-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html SREASON http://securityreason.com/securityalert/3523 SAID Secunia Advisory: SA29640 Secunia Advisory: SA29348 Secunia Advisory: SA28977 Secunia Advisory: SA28526 Secunia Advisory: SA28749 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0008.html http://www.redhat.com/support/errata/RHSA-2008-0009.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:016 GENTOO http://security.gentoo.org/glsa/glsa-200803-19.xml FEDORA CONFIRM http://httpd.apache.org/security/vulnerabilities_22.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/486169/100/0/threaded BID 27236

Return to the previous page.