Denial of Service Vulnerability in mod_cgi of Apache 2.0.39 and 2.0.40

Denial of Service Vulnerability in mod_cgi of Apache 2.0.39 and 2.0.40

CVE-2002-1850 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script.

Learn more about our Cis Benchmark Audit For Apache Http Server.