CVE-2014-8567

Published: Nov 14, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://linux.oracle.com/errata/ELSA-2014-1803.html

x_refsource_CONFIRM

RHSA-2014:1803

vendor-advisory

x_refsource_REDHAT

62094

third-party-advisory

x_refsource_SECUNIA

62125

third-party-advisory

x_refsource_SECUNIA

[modmellon] 20141103 Information disclosure vulnerability in version 0.8.0 of mod_auth_mellon

mailing-list

x_refsource_MLIST

https://github.com/UNINETT/mod_auth_mellon/commit/0f5b4fd860fa7e3a6c47201637aab05395f32647

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-8567

Description

Affected Products

References