Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-3523

Опубликовано: 15 июл. 2014
Источник: redhat
CVSS3: 7.5
CVSS2: 5

Описание

Memory leak in the winnt_accept function in server/mpm/winnt/child.c in the WinNT MPM in the Apache HTTP Server 2.4.x before 2.4.10 on Windows, when the default AcceptFilter is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted requests.

Отчет

Not affected. This issue did not affect the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6 and 7, Red Hat JBoss Web Server 1 and 2, and Red Hat JBoss Enterprise Application Platform 5 and 6. This flaw only affects httpd running on Microsoft Windows. Red Hat JBoss Web Server 1 and 2, and Red Hat JBoss Enterprise Application Platform 5 and 6 can be run on Microsoft Windows. However, these products provide httpd 2.2, which is not affected by this flaw.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Directory Server 8httpdNot affected
Red Hat Enterprise Linux 5httpdNot affected
Red Hat Enterprise Linux 6httpdNot affected
Red Hat Enterprise Linux 7httpdNot affected
Red Hat JBoss Enterprise Application Platform 5httpdNot affected
Red Hat JBoss Enterprise Application Platform 6httpdNot affected
Red Hat JBoss Enterprise Web Server 1httpdNot affected
Red Hat JBoss Enterprise Web Server 1othersNot affected
Red Hat JBoss Enterprise Web Server 2httpdNot affected
Red Hat Software Collectionshttpd24-httpdNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1121519httpd: WinNT MPM denial of service

7.5 High

CVSS3

5 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-3523

ubuntu
около 11 лет назад

Memory leak in the winnt_accept function in server/mpm/winnt/child.c in the WinNT MPM in the Apache HTTP Server 2.4.x before 2.4.10 on Windows, when the default AcceptFilter is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted requests.

nvd логотип

CVE-2014-3523

nvd
около 11 лет назад

Memory leak in the winnt_accept function in server/mpm/winnt/child.c in the WinNT MPM in the Apache HTTP Server 2.4.x before 2.4.10 on Windows, when the default AcceptFilter is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted requests.

debian логотип

CVE-2014-3523

debian
около 11 лет назад

Memory leak in the winnt_accept function in server/mpm/winnt/child.c i ...

github логотип

GHSA-jvhm-2h34-2h38

github
больше 3 лет назад

Memory leak in the winnt_accept function in server/mpm/winnt/child.c in the WinNT MPM in the Apache HTTP Server 2.4.x before 2.4.10 on Windows, when the default AcceptFilter is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted requests.

fstec логотип

BDU:2015-00397

fstec
около 11 лет назад

Уязвимость программного обеспечения Apache HTTP Server, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

7.5 High

CVSS3

5 Medium

CVSS2