CVSS Base Vector:
Remote Banner Unreliable
Apache HTTP server is prone to multiple vulnerabilities.
Apache HTTP server is prone to multiple vulnerabilities:
- A malicious client could perform a DoS attack by flooding a connection with requests and
basically never reading responses on the TCP connection. Depending on h2 worker dimensioning,
it was possible to block those with relatively few connections. (CVE-2019-9517)
- HTTP/2 very early pushes, for example configured with 'H2PushResource', could lead to
an overwrite of memory in the pushing request's pool, leading to crashes. The memory
copied is that of the configured push link header values, not data supplied by
the client. (CVE-2019-10081)
Checks if a vulnerable version is present on the target host.
Apache HTTP server version 2.4.20 to 2.4.39.
Update to version 2.4.41 or later.
Find and Fix this Vulnerability:
Mageni can help you to find out if you have this or more vulnerabilities exposing you to hackers, ransomware and malware: Download Mageni's Free Edition
NVD CVE ID: