A buffer overflow vulnerability is rated moderate by the Apache Software Foundation. It’s caused by a race condition in the way that Apache handles updating the mod_status component. An attacker can exploit it without authentication. Four DoS vulnerabilities have been fixed in the latest release of the Apache Web server, 2.4.10-dev. Two of those vulnerabilities are rated important and the other two are rated moderate risks, according to the foundation’s advisory. The vulnerabilities were discovered by Marek Kroemeke, a researcher who discovered it.
Source: https://threatpost.com/five-vulnerabilities-fixed-in-apache-web-server/107278/