The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Http_server | Apache | 2.2.3 | 2.2.3 |
Http_server | Apache | 2.2.4 | 2.2.4 |
Http_server | Apache | 2.2.1 | 2.2.1 |
Http_server | Apache | 2.2.2 | 2.2.2 |
Http_server | Apache | 2.2 | 2.2 |
Http_server | Apache | - | - |
Http_server | Apache | 2.2.6 | 2.2.6 |
Red Hat Application Stack v2 for Enterprise Linux | RedHat | httpd | * |
Red Hat Enterprise Linux 5 | RedHat | httpd-0:2.2.3-11.el5_1.3 | * |
Apache2 | Ubuntu | dapper | * |
Apache2 | Ubuntu | edgy | * |
Apache2 | Ubuntu | feisty | * |
Apache2 | Ubuntu | gutsy | * |