CVE-2009-1891
CVE-2009-1891
The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.htmlhttp://marc.info/?l=apache-httpd-dev&m=124621326524824&w=2http://marc.info/?l=apache-httpd-dev&m=124661528519546&w=2http://marc.info/?l=bugtraq&m=129190899612998&w=2http://marc.info/?l=bugtraq&m=130497311408250&w=2http://osvdb.org/55782https://bugzilla.redhat.com/show_bug.cgi?id=509125http://secunia.com/advisories/35721http://secunia.com/advisories/35781http://secunia.com/advisories/35793