BSA-2018-711
21670
02 October 2018
02 October 2018
Closed
Medium
5.9
N/A
CVE-2016-1546
Summary Security Advisory ID : BSA-2018-711 Component : Apache HTTPD Revision : 1.0: Final
The Apache HTTP Server 2.4.17 and 2.4.18, when mod_http2 is enabled, does not limit the number of simultaneous stream workers for a single HTTP/2 connection, which allows remote attackers to cause a denial of service (stream-processing outage) via modified flow-control windows.
Products Confirmed Not Vulnerable
No Brocade Fibre Channel technology products from Broadcom are currently known to be affected by this vulnerability.
Revision History
Version |
Change |
Date |
---|---|---|
1.0 |
Initial Publication |
Oct 2, 2018 |