Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-3110

Опубликовано: 22 авг. 2016
Источник: redhat
CVSS3: 5.1
CVSS2: 4.7
EPSS Низкий

Описание

mod_cluster, as used in Red Hat JBoss Web Server 2.1, allows remote attackers to cause a denial of service (Apache http server crash) via an MCMP message containing a series of = (equals) characters after a legitimate element.

It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP).

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat JBoss Enterprise Web Server 3mod_clusterAffected
Red Hat JBoss Enterprise Application Platform 6.4mod_clusterFixedRHSA-2016:205612.10.2016
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6hornetq-nativeFixedRHSA-2016:205512.10.2016
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6httpdFixedRHSA-2016:205512.10.2016
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6jbcs-httpd24FixedRHSA-2016:205512.10.2016
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6jbcs-httpd24-opensslFixedRHSA-2016:205512.10.2016
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6mod_cluster-nativeFixedRHSA-2016:205512.10.2016
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6mod_jkFixedRHSA-2016:205512.10.2016
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6tomcat-nativeFixedRHSA-2016:205512.10.2016
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7hornetq-nativeFixedRHSA-2016:205412.10.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1326320mod_cluster: remotely Segfault Apache http server

EPSS

Процентиль: 87%
0.03218
Низкий

5.1 Medium

CVSS3

4.7 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2016-3110

CVSS3: 7.5
nvd
больше 9 лет назад

mod_cluster, as used in Red Hat JBoss Web Server 2.1, allows remote attackers to cause a denial of service (Apache http server crash) via an MCMP message containing a series of = (equals) characters after a legitimate element.

debian логотип

CVE-2016-3110

CVSS3: 7.5
debian
больше 9 лет назад

mod_cluster, as used in Red Hat JBoss Web Server 2.1, allows remote at ...

github логотип

GHSA-68qq-3phh-53j7

CVSS3: 7.5
github
больше 3 лет назад

mod_cluster Denial of Service vulnerability

EPSS

Процентиль: 87%
0.03218
Низкий

5.1 Medium

CVSS3

4.7 Medium

CVSS2