Vulnerability CVE-2016-8740


Published: 2016-12-05   Modified: 2017-11-13

Description:
The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in an HTTP/2 request.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Apache HTTPD Web Server 2.4.23 Memory Exhaustion
Naveen Tiwari
06.12.2016

Type:

CWE-399

(Resource Management Errors)

Vendor: Apache
Product: Http server 
Version:
2.4.23
2.4.22
2.4.21
2.4.20
2.4.19
2.4.18
2.4.17

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
http://packetstormsecurity.com/files/140023/Apache-HTTPD-Web-Server-2.4.23-Memory-Exhaustion.html
http://www.securityfocus.com/bid/94650
http://www.securitytracker.com/id/1037388
https://github.com/apache/httpd/commit/29c63b786ae028d82405421585e91283c8fa0da3
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us
https://security.gentoo.org/glsa/201701-36
https://support.apple.com/HT208221
https://www.exploit-db.com/exploits/40909/
https://www.tenable.com/security/tns-2017-04

Related CVE
CVE-2017-3157
By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections...
CVE-2017-12607
A vulnerability in OpenOffice's PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary c...
CVE-2017-12608
A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resu...
CVE-2017-9806
A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resu...
CVE-2016-6804
The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated privileges. This requires that the location in which ...
CVE-2014-0219
Apache Karaf enables a shutdown port on the loopback interface, which allows local users to cause a denial of service (shutdown) by sending a shutdown command to all listening high ports.
CVE-2017-12633
The camel-hessian component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-serialisation vulnerability. De-serializing untrusted data can lead to security flaws.
CVE-2017-12634
The camel-castor component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-serialisation vulnerability. De-serializing untrusted data can lead to security flaws.

Copyright 2017, cxsecurity.com

 

Back to Top