Security Advisory - Apache Software Foundation Apache HTTPD WebServer / httpd.apache.org Server memory can be exhausted and service denied when HTTP/2 is used CVE-2016-8740 The Apache HTTPD web server (from 2.4.17-2.4.23) did not apply limitations on request headers correctly when experimental module for the HTTP/2 protocol is used to access a resource. The net result is that a the server allocates too much memory instead of denying the request. This can lead to memory exhaustion of the server by a properly crafted request. Background: -
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment