Linux Distros Unpatched Vulnerability : CVE-2016-2146

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The amreadpostdata function in modauthmellon before 0.11.1 does not limit the amount of data read, which allows remote attackers to cause a denial of service...

RHEL 7 : mod_auth_mellon (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - modauthmellon: Cross-site session transfer vulnerability CVE-2017-6807 - The amreadpostdata function in...

RHEL 6 : mod_auth_mellon (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - modauthmellon: open redirect in logout url when using URLs with backslashes CVE-2019-3877 - The...

RHEL 6 : mod_auth_mellon (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - modauthmellon: open redirect in logout url when using URLs with backslashes CVE-2019-3877 - modauthmellon...

Huawei EulerOS: Security Advisory for mod_auth_mellon (EulerOS-SA-2019-2009)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for mod_auth_mellon (EulerOS-SA-2019-2388)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-2146

The amreadpostdata function in modauthmellon before 0.11.1 does not limit the amount of data read, which allows remote attackers to cause a denial of service worker process crash, web server deadlock, or memory consumption via a large amount of POST data...

CVE-2016-2146

The amreadpostdata function in modauthmellon before 0.11.1 does not limit the amount of data read, which allows remote attackers to cause a denial of service worker process crash, web server deadlock, or memory consumption via a large amount of POST data...

CVE-2016-2146

CVE-2016-2145/2146 affect mod_auth_mellon prior to 0.11.1: am_read_post_data does not limit/validate POST data, enabling DoS (worker crash, deadlock, memory consumption). Debug/impact: remote attacker can exploit by sending large POST payloads. Affected product: mod_auth_mellon (web authenticatio...