Apache Team FoundationHTTPD:F8C8FF58A7154D4AEB884460782E6943

HistoryFeb 25, 2014 - 12:00 a.m.

Apache Httpd < 2.4.9 : mod_log_config crash

Vulners
Httpd
Apache Httpd < 2.4.9 : mod_log_config crash

2014-02-2500:00:00

Apache Team Foundation

httpd.apache.org

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.224 Low

EPSS

Percentile

96.5%

JSON

A flaw was found in mod_log_config. A remote attacker could send a specific truncated cookie causing a crash. This crash would only be a denial of service if using a threaded MPM.

CPENameOperatorVersion
apache httpdeq2.4.7
apache httpdeq2.4.6
apache httpdeq2.4.4
apache httpdeq2.4.3
apache httpdeq2.4.2
apache httpdeq2.4.1

Name	Operator	Version
apache httpd	eq	2.4.7
apache httpd	eq	2.4.6
apache httpd	eq	2.4.4
apache httpd	eq	2.4.3
apache httpd	eq	2.4.2
apache httpd	eq	2.4.1

nessus 44

httpd 1

checkpoint_advisories 1

prion 1

cve 1

openvas 33

fedora 2

ibm 13

veracode 1

cvelist 1

f5 2

amazon 2

debiancve 1

ubuntucve 1

nvd 1

kaspersky 1

oraclelinux 2

redhat 6

securityvulns 8

freebsd 1

centos 2

slackware 1

threatpost 1

seebug 1

ubuntu 1

mageia 1

gentoo 1

suse 5

hackerone 2

oracle 2

nessus

IBM HTTP Server 8.5.0.0 <= 8.5.5.1 / 8.0.0.0 <= 8.0.0.8 / 7.0.0.0 <= 7.0.0.31 / 6.1.0.0 <= 6.1.0.47 (242057)

2020-12-15 00:00:00

Amazon Linux AMI : httpd24 (ALAS-2014-309)

2014-03-28 00:00:00

Fedora 20 : httpd-2.4.9-2.fc20 (2014-4555)

2014-03-31 00:00:00

httpd

Apache Httpd < 2.2.27 : mod_log_config crash

2014-02-25 00:00:00

checkpoint_advisories

Apache HTTP Server mod_log_config Denial of Service (CVE-2014-0098)

2014-04-02 00:00:00

prion

Information disclosure

2014-03-18 05:18:00

cve

CVE-2014-0098

2014-03-18 05:18:18

openvas

Fedora Update for httpd FEDORA-2014-4555

2014-04-03 00:00:00

Fedora Update for httpd FEDORA-2014-4555

2014-04-03 00:00:00

Amazon Linux: Security Advisory (ALAS-2014-309)

2015-09-08 00:00:00

fedora

[SECURITY] Fedora 20 Update: httpd-2.4.9-2.fc20

2014-03-31 02:16:57

[SECURITY] Fedora 19 Update: httpd-2.4.9-1.fc19

2014-04-23 04:33:29

ibm

Security Bulletin: Rational Build Forge Security Advisory (CVE-2014-0098)

2018-06-17 04:53:16

Security Bulletin: Potential Denial of Service in IBM HTTP Server CVE-2014-0098

2018-06-15 06:59:47

Security Bulletin: IBM QRadar SIEM 7.1 MR2, 7.2 MR2, and 7.0 MR5 uses an Apache HTTP Server which contains a denial of service vulnerability (CVE-2014-0098)

2018-06-16 21:18:28

veracode

Denial Of Service (DoS)

2019-05-02 04:58:46

cvelist

CVE-2014-0098

2014-03-18 01:00:00

SOL15320 - Apache vulnerability CVE-2014-0098

2014-06-05 00:00:00

K15320 : Apache vulnerability CVE-2014-0098

2014-12-12 00:00:00

amazon

Medium: httpd24

2014-03-24 23:33:00

Medium: httpd

2014-04-25 16:00:00

debiancve

CVE-2014-0098

2014-03-18 05:18:18

ubuntucve

CVE-2014-0098

2014-03-18 00:00:00

nvd

CVE-2014-0098

2014-03-18 05:18:18

kaspersky

KLA10067 DoS vulnerabilities in Apache httpd

2014-03-26 00:00:00

oraclelinux

httpd security update

2014-04-03 00:00:00

httpd security update

2014-04-03 00:00:00

redhat

(RHSA-2014:0369) Moderate: httpd security update

2014-04-03 00:00:00

(RHSA-2014:0370) Moderate: httpd security update

2014-04-03 00:00:00

(RHSA-2014:0783) Moderate: Red Hat JBoss Web Server 2.0.1 httpd security and bug fix update

2014-06-23 17:50:43

securityvulns

Apache security vulnerabilities

2014-03-24 00:00:00

[ MDVSA-2014:065 ] apache

2014-03-24 00:00:00

APPLE-SA-2014-10-16-1 OS X Yosemite v10.10

2014-10-18 00:00:00

freebsd

apache -- several vulnerabilities

2014-02-25 00:00:00

centos

httpd, mod_ssl security update

2014-04-04 00:08:57

httpd, mod_ssl security update

2014-04-04 00:04:54

slackware

[slackware-security] httpd

2014-03-28 22:54:00

threatpost

Apache Update Resolves Security Vulnerabilities

2014-03-18 12:51:25

seebug

Apache HTTP Server多个拒绝服务漏洞

2014-03-20 00:00:00

ubuntu

Apache HTTP Server vulnerabilities

2014-03-24 00:00:00

mageia

Updated apache packages fix security vulnerabilities

2014-03-19 21:40:14

gentoo

Apache HTTP Server: Multiple vulnerabilities

2014-08-29 00:00:00

suse

Security update for apache2 (important)

2014-09-02 19:04:20

Security update for the Apache Web Server (important)

2014-08-07 01:04:17

Security update for apache2 (important)

2014-09-02 20:04:23

hackerone

Marktplaats: Multiple Apache 2.2.22 Vulnerabilities (XSS/ Code Exec/ DoS)

2015-06-09 17:47:58

U.S. Dept Of Defense: Out-of-date Version (Apache)

2016-11-24 15:09:27

oracle

Oracle Critical Patch Update - July 2014

2014-07-15 00:00:00

Oracle Critical Patch Update Advisory - January 2015

2015-03-10 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.224 Low

EPSS

Percentile

96.5%

JSON

Related for HTTPD:F8C8FF58A7154D4AEB884460782E6943