CVE-2014-0098
Published Mar 18, 2014
Last updated a year ago
Overview
- Description
- The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "704549BA-5585-4745-BB62-F0F9BDCB65DB",
"versionEndExcluding": "2.2.27",
"versionStartIncluding": "2.2.0"
},
{
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92E5B3BB-788C-4F30-A1C2-2AF1B3E2A87D",
"versionEndExcluding": "2.4.9",
"versionStartIncluding": "2.4.1"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2E69311-C5B8-45FA-809F-ADAE4E35559D"
},
{
"criteria": "cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "911FBD5E-213D-482F-81A9-C3B8CE7D903A"
},
{
"criteria": "cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DACC1F65-5AF7-4CD4-ACD2-46D941A19110"
},
{
"criteria": "cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DD4552F9-F5B9-4A52-BA5C-D32D49FABD28"
},
{
"criteria": "cpe:2.3:a:oracle:secure_global_desktop:4.63:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F27D9960-00E7-4261-850B-D417858F88A7"
},
{
"criteria": "cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E7F2CF7-CCB3-4EB7-AE44-637C12D97428"
},
{
"criteria": "cpe:2.3:a:oracle:secure_global_desktop:5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "31356F14-F939-4552-8727-99B41B4BFF5B"
},
{
"criteria": "cpe:2.3:a:oracle:secure_global_desktop:5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B65FC68F-1348-462A-84EE-E8B7838A5524"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91"
}
],
"operator": "OR"
}
]
}
]