QwikSec

Security Database

CVE

CWE

Training

CVE-2021-26690

Published: Jun 10, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service

Vendor	Product	Versions
Apache Software Foundation	Apache HTTP Server	affected `2.4.46` affected `2.4.43` affected `2.4.41` affected `2.4.39` affected `2.4.38` +24 more versions

References

http://httpd.apache.org/security/vulnerabilities_24.html

x_refsource_MISC

https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E

x_refsource_MISC

[httpd-announce] 20210609 CVE-2021-26690: mod_session NULL pointer dereference

mailing-list

x_refsource_MLIST

[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json

mailing-list

x_refsource_MLIST

[oss-security] 20210609 CVE-2021-26690: Apache httpd: mod_session NULL pointer dereference

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_DEBIAN

vendor-advisory

x_refsource_GENTOO

FEDORA-2021-dce7e7738e

vendor-advisory

x_refsource_FEDORA

FEDORA-2021-e3f6dd670d

vendor-advisory

x_refsource_FEDORA

https://www.oracle.com/security-alerts/cpuoct2021.html

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20210702-0001/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.