CVE-2013-2249

EPSS 43.7%

Published: 7/23/2013Modified: 4/28/2026

Description

mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.

Affected packages (1)

Debian/apache2from 0, < 2.4.6-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-2249