[FD] Apache HTTPd - description of the CVE-2014-0117.

2014-07-22 Thread funky . koval
Hi there, Software: Apache httpd 2.4.7, possibly others from 2.3 and 2.4 branches. If Apache is configured with mod_proxy module (for example in front of a tomcat, or proxypassing requests to other backend servers), it is possible to use all available memory on the server and potentially cause a

[FD] Apache HTTPd - description of the CVE-2014-0226.

2014-07-21 Thread funky . koval
Hi there, --[ 0. Sparse summary Race condition between updating httpd's "scoreboard" and mod_status, leading to several critical scenarios like heap buffer overflow with user supplied payload and leaking heap which can leak critical memory containing htaccess credentials, ssl certificates private