The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Http_server | Apache | 2.0.35 (including) | 2.0.51 (excluding) |