VDB
CNVD-2023-93320
CNVD-2023-93320
PUBLISHED
Apache HTTP Server是美国阿帕奇(Apache)基金会的一款开源网页服务器。该服务器具有快速、可靠且可通过简单的API进行扩充的特点。 Apache HTTP Server 2.4.57及之前版本存在缓冲区溢出漏洞,该漏洞源于mod_macro缓冲区存在越界读取漏洞。攻击者可以利用该漏洞造成拒绝服务。
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache Software Foundation | Apache HTTP Server | 0 |
Timeline
- Oct 23, 2023 CVE Published
- Oct 23, 2023 PoC Published
- Oct 28, 2023 CVE ID Reserved
- Feb 7, 2024 PoC Published
- Oct 15, 2024 PoC Published
- May 13, 2025 PoC Published
References
- https://httpd.apache.org/security/vulnerabilities_24.html vendor-advisory
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/ url
- https://security.netapp.com/advisory/ntap-20231027-0011/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/ url
- https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html url