Vulnerability & Exploit Database

Back to search

Gentoo Linux: CVE-2008-1678: Apache: Denial of Service

Severity CVSS Published Added Modified
5 (AV:N/AC:L/Au:N/C:N/I:N/A:P) July 10, 2008 October 30, 2017 October 30, 2017

Description

Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

gentoo-linux-upgrade-www-servers-apache

Related Vulnerabilities