Apache · Apache Http Server · CVE-2018-8011
**Name of the Vulnerable Software and Affected Versions**
Apache HTTP Server version 2.4.33
**Description**
The issue is related to the mod md challenge handler, which can dereference a NULL pointer when specially crafted HTTP requests are made, causing the child process to segfault. This can be used to cause a denial of service (DoS) to the server.
**Recommendations**
For Apache HTTP Server version 2.4.33, update to version 2.4.34 to resolve the issue. As a temporary workaround, consider restricting access to the mod md module to minimize the risk of exploitation.