4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
26.5%
The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x
through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is
enabled, does not restrict the size of values of environment variables,
which allows local users to cause a denial of service (memory consumption
or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf
directive, in conjunction with a crafted HTTP request header, related to
(1) the “len +=” statement and (2) the apr_pcalloc function call, a
different vulnerability than CVE-2011-3607.
Author | Note |
---|---|
mdeslaur | Apache doesn’t consider this to be a security issue. Ignoring. |