Wind River Support Network

HomeDefectsLIN6-7268
Fixed

LIN6-7268 : Security Advisory - apache - CVE-2013-5704

Created: Apr 29, 2014    Updated: Dec 3, 2018
Resolved Date: Dec 23, 2015
Found In Version: 6.0
Fix Version: 6.0.0.27
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass RequestHeader unset directives by placing a header in the trailer portion of data sent with chunked transfer coding.  NOTE: the vendor states this is not a security issue in httpd as such.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5704

Other Downloads


Live chat
Online