Showing 1 - 1 of 1

CVE-2014-8567

Status Candidate

Overview

The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data.

Related Files

Red Hat Security Advisory 2014-1803-01: Posted Nov 5, 2014; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2014-1803-01 - mod_auth_mellon provides a SAML 2.0 authentication module for the Apache HTTP Server. An information disclosure flaw was found in mod_auth_mellon's session handling that could lead to sessions overlapping in memory. A remote attacker could potentially use this flaw to obtain data from another user's session. It was found that uninitialized data could be read when processing a user's logout request. By attempting to log out, a user could possibly cause the Apache HTTP Server to crash.; tags | advisory, remote, web, info disclosure; systems | linux, redhat; advisories | CVE-2014-8566, CVE-2014-8567; SHA-256 | bace11b023f51bec854dbba74876c1b28bf5a08128b9b8731372afea85f15b8c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 250 files
indoushka 184 files
Ubuntu 99 files
Gentoo 32 files
Debian 18 files
malvuln 13 files
Frederik Beimgraben 11 files
Chris Beiter 11 files
Matthias Deeg 11 files
Apple 10 files

File Archives

Systems

AIX (430)
Apple (2,115)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,132)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (390)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,415)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,936)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,896)
UNIX (9,464)
UnixWare (188)
Windows (6,782)
Other

CVE-2014-8567

Overview

Related Files

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems