Lucene search
HistoryMar 27, 2015 - 2:59 p.m.
CVE-2014-3619
cve-2014-3619
glusterfs
denial of service
infinite loop
remote attackers
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
8.1 High
AI Score
Confidence
High
0.018 Low
EPSS
Percentile
88.3%
The __socket_proto_state_machine function in GlusterFS 3.5 allows remote attackers to cause a denial of service (infinite loop) via a “00000000” fragment header.
Affected configurations
Node
opensuseopensuseMatch13.1
Node
glusterglusterfsMatch3.5
| CPE | Name | Operator | Version |
|---|---|---|---|
| opensuse:opensuse | opensuse | eq | 13.1 |
Related
nessus
nessus
openSUSE Security Update : glusterfs (openSUSE-2015-241)
2015-03-20 00:00:00
Mandriva Linux Security Advisory : glusterfs (MDVSA-2015:211)
2015-04-28 00:00:00
openSUSE Security Update : glusterfs (openSUSE-2015-219)
2015-03-12 00:00:00
prion
prion
Design/Logic Flaw
2015-03-27 14:59:00
ubuntucve
ubuntucve
CVE-2014-3619
2015-03-27 00:00:00
cvelist
cvelist
CVE-2014-3619
2015-03-27 14:00:00
debiancve
debiancve
CVE-2014-3619
2015-03-27 14:59:01
securityvulns
securityvulns
[ MDVSA-2015:211 ] glusterfs
2015-05-05 00:00:00
glusterfs DoS
2015-05-05 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:03:31
nvd
nvd
CVE-2014-3619
2015-03-27 14:59:01
mageia
mageia
Updated glusterfs packages fix security vulnerabilities
2015-04-15 12:01:28
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0145)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-4770-1)
2023-01-27 00:00:00
ubuntu
ubuntu
GlusterFS vulnerabilities
2021-03-15 00:00:00
osv
osv
glusterfs vulnerabilities
2021-03-15 20:13:19
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
8.1 High
AI Score
Confidence
High
0.018 Low
EPSS
Percentile
88.3%
Related for CVE-2014-3619