Null Pointer Dereference DoS Vulnerability in mod_md Challenge Handler

Null Pointer Dereference DoS Vulnerability in mod_md Challenge Handler

CVE-2018-8011 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

By specially crafting HTTP requests, the mod_md challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.33).

Learn more about our Cis Benchmark Audit For Apache Http Server.