Описание
Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9.
It was discovered that specifying configuration with a JVMRoute path longer than 80 characters will cause segmentation fault leading to a server crash.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat JBoss Enterprise Web Server 2 | mod_cluster | Will not fix | ||
| Red Hat JBoss Enterprise Web Server 3 | mod_cluster | Affected | ||
| JBoss Core Services on RHEL 6 | jbcs-httpd24-httpd | Fixed | RHSA-2017:0193 | 25.01.2017 |
| JBoss Core Services on RHEL 6 | jbcs-httpd24-mod_auth_kerb | Fixed | RHSA-2017:0193 | 25.01.2017 |
| JBoss Core Services on RHEL 6 | jbcs-httpd24-mod_bmx | Fixed | RHSA-2017:0193 | 25.01.2017 |
| JBoss Core Services on RHEL 6 | jbcs-httpd24-mod_cluster-native | Fixed | RHSA-2017:0193 | 25.01.2017 |
| JBoss Core Services on RHEL 6 | jbcs-httpd24-mod_jk | Fixed | RHSA-2017:0193 | 25.01.2017 |
| JBoss Core Services on RHEL 6 | jbcs-httpd24-mod_rt | Fixed | RHSA-2017:0193 | 25.01.2017 |
| JBoss Core Services on RHEL 6 | jbcs-httpd24-mod_security | Fixed | RHSA-2017:0193 | 25.01.2017 |
| JBoss Core Services on RHEL 6 | jbcs-httpd24-nghttp2 | Fixed | RHSA-2017:0193 | 25.01.2017 |
Показывать по
10
Дополнительная информация
Статус:
Low
https://bugzilla.redhat.com/show_bug.cgi?id=1341583mod_cluster: Buffer overflow in mod_manager when sending request with long JVMRoute
EPSS
Процентиль: 81%
0.01537
Низкий
4.8 Medium
CVSS3
3.8 Low
CVSS2
Связанные уязвимости
CVSS3: 7.5
nvd
почти 9 лет назад
Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9.
CVSS3: 7.5
debian
почти 9 лет назад
Stack-based buffer overflow in native/mod_manager/node.c in mod_cluste ...
CVSS3: 7.5
github
больше 3 лет назад
Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9.
EPSS
Процентиль: 81%
0.01537
Низкий
4.8 Medium
CVSS3
3.8 Low
CVSS2