CVE-2014-3583CVE-2014-3583

Affected configuration(s):

cpe:/a:apache:http_server:2.4.10
cpe:/o:apple:mac_os_x:10.9.5
cpe:/o:apple:mac_os_x:10.10.0
cpe:/o:apple:mac_os_x:10.10.1
cpe:/o:apple:mac_os_x:10.10.2
cpe:/o:apple:mac_os_x:10.10.3
cpe:/o:apple:mac_os_x:10.10.4
cpe:/o:apple:os_x_server:5.0.3
cpe:/o:canonical:ubuntu_linux:10.04::~~lts~~~
cpe:/o:canonical:ubuntu_linux:12.04::~~lts~~~
cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~
cpe:/o:canonical:ubuntu_linux:14.10

Date published: 2014-12-15T13:59:02.190-05:00

Date last modified: 2017-10-02T21:29:00.387-04:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://httpd.apache.org/security/vulnerabilities_24.html

Summary: The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.