Lucene search
Veracode Vulnerability DatabaseVERACODE:11511HistoryJan 15, 2019 - 9:03 a.m.
Information Disclosure
2019-01-1509:03:00
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.023 Low
EPSS
Percentile
89.8%
mod_auth_mellon is vulnerable to information disclosure attacks. The vulnerability exists as the mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service (segmentation fault) via unspecified vectors related to a “session overflow” involving “sessions overlapping in memory.”
| CPE | Name | Operator | Version |
|---|---|---|---|
| mod_auth_mellon | eq | 0.8.0__2.el6 |
References
linux.oracle.com/errata/ELSA-2014-1803.html
rhn.redhat.com/errata/RHSA-2014-1803.html
secunia.com/advisories/62094
secunia.com/advisories/62125
access.redhat.com/security/updates/classification/#important
github.com/UNINETT/mod_auth_mellon/releases/tag/v0.8.1
postlister.uninett.no/sympa/arc/modmellon/2014-11/msg00000.html
rhn.redhat.com/errata/RHSA-2014-1803.html
Related
cve
cve
CVE-2014-8566
2014-11-15 21:59:06
prion
prion
Design/Logic Flaw
2014-11-15 21:59:00
ubuntucve
ubuntucve
CVE-2014-8566
2014-11-15 00:00:00
cvelist
cvelist
CVE-2014-8566
2014-11-15 21:00:00
nvd
nvd
CVE-2014-8566
2014-11-15 21:59:06
debiancve
debiancve
CVE-2014-8566
2014-11-15 21:59:06
nessus
nessus
RHEL 6 : mod_auth_mellon (RHSA-2014:1803)
2014-11-06 00:00:00
CentOS 6 : mod_auth_mellon (CESA-2014:1803)
2014-11-06 00:00:00
centos
centos
mod_auth_mellon security update
2014-11-05 12:06:15
openvas
openvas
CentOS Update for mod_auth_mellon CESA-2014:1803 centos6
2014-11-06 00:00:00
RedHat Update for mod_auth_mellon RHSA-2014:1803-01
2014-11-06 00:00:00
Oracle: Security Advisory (ELSA-2014-1803)
2015-10-06 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:04:37
oraclelinux
oraclelinux
mod_auth_mellon security update
2014-11-05 00:00:00
redhat
redhat
(RHSA-2014:1803) Important: mod_auth_mellon security update
2014-11-05 00:00:00