Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Apache HTTP Server Improper Input Validation Vulnerability - CVE-2012-0021 - Vulnerability Database
Apache HTTP Server

Apache HTTP Server Improper Input Validation Vulnerability - CVE-2012-0021

Low
Reference: CVE-2012-0021
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2012-0021
Title: Apache HTTP Server Improper Input Validation Vulnerability
Overview:

The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21 when a threaded MPM is used does not properly handle a C format string which allows remote attackers to cause a denial of service (daemon crash) via a cookie that lacks both a name and a value.