Description

In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.

Remediation

References

CVE-2016-2161

Related Vulnerabilities

Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-4359)

Nginx Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9516)

WordPress Plugin Lana Email Logger Cross-Site Scripting (1.0.2)

WordPress Plugin Site Reviews Cross-Site Scripting (2.15.2)

WebLogic Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-27568)

Severity

High

Classification

CVE-2016-2161 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities