FreeBSD : mod_access_referer -- NULL pointer dereference vulnerability (af747389-42ba-11d9-bd37-00065be4b5b6)
Medium Nessus Plugin ID 19081
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionA malformed Referer header field causes the Apache ap_parse_uri_components function to discard it with the result that a pointer is not initialized. The mod_access_referer module does not take this into account with the result that it may use such a pointer.
The NULL pointer vulnerability may possibly be used in a remote denial of service attack against affected Apache servers.
SolutionUpdate the affected package.