Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-1301

Опубликовано: 26 мар. 2018
Источник: ubuntu
Приоритет: low
CVSS2: 4.3
CVSS3: 5.9

Описание

A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage.

РелизСтатусПримечание
artful

released

2.4.27-2ubuntu4.1
bionic

released

2.4.29-1ubuntu4.1
cosmic

released

2.4.29-1ubuntu4.1
devel

released

2.4.29-1ubuntu4.1
esm-infra-legacy/trusty

released

2.4.7-1ubuntu4.20
esm-infra/bionic

released

2.4.29-1ubuntu4.1
esm-infra/xenial

released

2.4.18-2ubuntu3.8
precise/esm

not-affected

2.2.22-1ubuntu1.15
trusty

released

2.4.7-1ubuntu4.20
trusty/esm

released

2.4.7-1ubuntu4.20

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

5.9 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-1301

CVSS3: 3.7
redhat
больше 7 лет назад

A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage.

nvd логотип

CVE-2018-1301

CVSS3: 5.9
nvd
больше 7 лет назад

A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage.

debian логотип

CVE-2018-1301

CVSS3: 5.9
debian
больше 7 лет назад

A specially crafted request could have crashed the Apache HTTP Server ...

github логотип

GHSA-c68v-mcv4-56hp

CVSS3: 5.9
github
больше 3 лет назад

A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage.

fstec логотип

BDU:2019-04309

CVSS3: 3.7
fstec
больше 7 лет назад

Уязвимость веб-сервера Apache HTTP Server, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании

4.3 Medium

CVSS2

5.9 Medium

CVSS3

Уязвимость CVE-2018-1301