Security Information / 1998 / Security Information -- apache

Debian Security Advisory

apache -- vulnerable to a denial of service

Date Reported:

28 Aug 1998

Affected Packages:

apache

Vulnerable:

Yes

Security database references:

No other external database security references currently available.

More information:

We have received a report from Dag-Erling Coidan Smørgrav who says that the apache as distributed with Debian GNU/Linux 2.0 is vulnerable to a denial of services exploit, where repeated, identical headers can consume O(n²) memory.

We recommend you upgrade your apache package immediately.

Fixed in:

All - (in release 2.0) 1.3.0-5