Memory Leak in WinNT MPM Allows Remote DoS via Crafted Requests

Memory Leak in WinNT MPM Allows Remote DoS via Crafted Requests

CVE-2014-3523 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

Memory leak in the winnt_accept function in server/mpm/winnt/child.c in the WinNT MPM in the Apache HTTP Server 2.4.x before 2.4.10 on Windows, when the default AcceptFilter is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted requests.

Learn more about our Cis Benchmark Audit For Apache Http Server.