oss-sec mailing list archives

CVE-2020-13938: Apache httpd: Improper Handling of Insufficient Privileges

From: Christophe JAILLET <jailletc36 () apache org>
Date: Wed, 09 Jun 2021 23:11:00 +0200


CVE-2020-13938: Improper Handling of Insufficient Privileges

Severity: moderate

Vendor: The Apache Software Foundation

Versions Affected:
httpd 2.4.0 to 2.4.47

Description:
Apache HTTP Server 2.4.0 to 2.4.47
Unprivileged local users can stop httpd on Windows
    
Mitigation:
n/a

Credit:
Discovered by Ivan Zhakov

References:
https://httpd.apache.org/security/vulnerabilities_24.html

Current thread:

CVE-2020-13938: Apache httpd: Improper Handling of Insufficient Privileges Christophe JAILLET (Jun 10)