CVE-2014-8567

Опубликовано: 03 нояб. 2014

Источник: redhat

CVSS2: 4

EPSS Низкий

Описание

The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data.

It was found that uninitialized data could be accessed when processing a user's logout request. By attempting to log out, a user could possibly cause the Apache HTTP Server to crash.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=1157954mod_auth_mellon: logout processing leads to denial of service

EPSS

Процентиль: 89%

0.04434

Низкий

4 Medium

CVSS2

Связанные уязвимости

CVE-2014-8567

ubuntu

почти 11 лет назад

The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data.

CVE-2014-8567

nvd

почти 11 лет назад

The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data.

CVE-2014-8567

debian

почти 11 лет назад

The mod_auth_mellon module before 0.8.1 allows remote attackers to cau ...

GHSA-wggx-3j62-wmwr

github

больше 3 лет назад

The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data.

ELSA-2014-1803

oracle-oval

почти 11 лет назад

ELSA-2014-1803: mod_auth_mellon security update (IMPORTANT)

EPSS

Процентиль: 89%

0.04434

Низкий

4 Medium

CVSS2