CVE-2007-1863: cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote…

medium5CVSS 3.1

AVNACLAuNCNINAP

cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value.

Affected

39 ranges· showing 25

Vendor	Product	Version range	Fixed in
apache	http_server	>= 2.0.37 < 2.0.61	2.0.61
apache	http_server	>= 2.2.0 < 2.2.6	2.2.6
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—
apple	mac_os_x_server	—	—

CVSS provenance

nvd5.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P

osv5.0MEDIUM