icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Apache < 2.0.51 mod_dav DAV LOCK Command Remote DoS

Medium

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote host is running a vulnerable version of Apache. It is reported that versions prior 2.0.51 are prone to a remote denial of service issue. An attacker may issue a specific sequence of DAV LOCK commands to crash the process. If Apache is configured to use threads, it may completely crash the Apache process.

Solution

Upgrade to Apache 2.0.51 or higher.