PT-2014-1438 · Apache+2 · Apache Http Server+2

Murray Mcallister · Published 2014-07-14 · Updated 2021-06-06 · CVE-2013-4352

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Apache HTTP Server version 2.4.6

Description

The issue is in the `cache_invalidate` function of the `mod_cache` module. It allows remote HTTP servers to cause a denial of service: the daemon crashes due to a NULL pointer dereference. This occurs when a caching forward proxy is enabled and a missing hostname value is triggered. The estimated number of potentially affected devices is not provided.

Recommendations

For Apache HTTP Server version 2.4.6, update to version 2.4.7 or later to resolve the issue. As a temporary workaround, consider disabling the `cache_invalidate` function in the `mod_cache` module until a patch is available. Restrict access to the caching forward proxy configuration to minimize the risk of exploitation.
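To help apply these recommendations across a fleet, the following triage check is an added example (not part of the original advisory or of Apache's code). It flags a host only when the reported version is 2.4.6 and the configuration both enables a forward proxy (`ProxyRequests On`) and enables caching (`CacheEnable`). The function names, result labels and sample inputs are assumptions constructed for illustration.

```python
import re

AFFECTED = (2, 4, 6)  # the only affected version this advisory lists

def parse_version(banner):
    """Return (major, minor, patch) from `httpd -v` output, or None."""
    m = re.search(r"Apache/(\d+)\.(\d+)\.(\d+)", banner)
    return tuple(int(p) for p in m.groups()) if m else None

def directives(conf_text):
    """Yield (lowercased name, argument string) for each active directive.
    Comments and <Section> tags are skipped; Include files are not followed."""
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#<":
            continue
        parts = line.split(None, 1)
        yield parts[0].lower(), parts[1] if len(parts) == 2 else ""

def triage(banner, conf_text):
    """Classify one host from its version banner and configuration text."""
    if parse_version(banner) != AFFECTED:
        return "version-not-listed"
    seen = list(directives(conf_text))
    forward_proxy = any(n == "proxyrequests" and a.lower() == "on" for n, a in seen)
    caching = any(n == "cacheenable" for n, _ in seen)
    if forward_proxy and caching:
        # Distribution packages can carry the fix without changing the
        # upstream version string, so confirm against the vendor advisory.
        return "review-caching-forward-proxy"
    return "affected-version-precondition-absent"

# Constructed sample inputs (not taken from a real host).
SAMPLE_BANNER = "Server version: Apache/2.4.6 (Unix)"
SAMPLE_CONF = """
LoadModule cache_module modules/mod_cache.so
ProxyRequests On
# CacheEnable disk /   (commented out, ignored)
CacheEnable disk http://www.example.org/
"""

if __name__ == "__main__":
    print(triage(SAMPLE_BANNER, SAMPLE_CONF))
```

The check reads a single configuration file as text, so directives pulled in through `Include` need to be concatenated into the input first.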


Related Identifiers

BDU:2015-00400
CESA-2014_0921
CVE-2013-4352
RHSA-2014:0921
RHSA-2014:0922
RHSA-2014_0921

Affected Products

Apache HTTP Server
CentOS
Red Hat