Your submission was sent successfully! Close

CVE-2016-2161

Published: 22 December 2016

In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.

Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
apache2
Launchpad, Ubuntu, Debian
Upstream
Released (2.4.25-1)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (2.4.18-2ubuntu3.2)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (2.4.7-1ubuntu4.14)
Patches:
Upstream: https://svn.apache.org/viewvc?view=revision&revision=1772919 (trunk)
Upstream: https://svn.apache.org/viewvc?view=revision&revision=1773069 (2.4)