Apache HTTP Server versions 2.4.20 to 2.4.43 Crash CVE-2020-9490 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

15

Apache HTTP Server versions 2.4.20 to 2.4.43 Crash CVE-2020-9490 Scanner Detail

There is a crash in Apache HTTP Server versions 2.4.20 to 2.4.43.

Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers.

Some Advice for Common Problems

Update your Apache HTTP Server to the latest version to eliminate this vulnerability.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service