A denial-of-service vulnerability exists in Apache mod_dav.
mod_dav is an Apache module. This module enables Apache web servers to provide users the ability to edit and manage files on a remote web server using the HTTP protocol. A vulnerability in mod_dav may allow an attacker to kill a child process. This may cause Apache to use excessive resources in a preforked multi-processing module.
An attacker may be able to consume excessive CPU resources on the target web server.
Upgrade to Apache 2.0.42.
Thanks to Mark Cox for helping us to understand this vulnerability.
This document was written by Ian A Finlay.
|Date First Published:||2002-09-26|
|Date Last Updated:||2003-05-30 17:14 UTC|