CVE-2014-0226

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.

References

http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c

http://httpd.apache.org/security/vulnerabilities_24.html

http://zerodayinitiative.com/advisories/ZDI-14-236/

http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h

https://bugzilla.redhat.com/show_bug.cgi?id=1120603

http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h

http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c

http://rhn.redhat.com/errata/RHSA-2014-1019.html

http://rhn.redhat.com/errata/RHSA-2014-1021.html

http://rhn.redhat.com/errata/RHSA-2014-1020.html

http://seclists.org/fulldisclosure/2014/Jul/114

http://secunia.com/advisories/60536

http://www.mandriva.com/security/advisories?name=MDVSA-2014:142

http://www.exploit-db.com/exploits/34133

http://www.securityfocus.com/bid/68678

http://www.osvdb.org/109216

http://advisories.mageia.org/MGASA-2014-0304.html

http://www.debian.org/security/2014/dsa-2989

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

http://advisories.mageia.org/MGASA-2014-0305.html

http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

https://support.apple.com/HT204659

http://marc.info/?l=bugtraq&m=144493176821532&w=2

http://marc.info/?l=bugtraq&m=143748090628601&w=2

http://marc.info/?l=bugtraq&m=144050155601375&w=2

http://marc.info/?l=bugtraq&m=143403519711434&w=2

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246

https://security.gentoo.org/glsa/201504-03

http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES

http://security.gentoo.org/glsa/glsa-201408-12.xml

https://puppet.com/security/cve/cve-2014-0226

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e1004502092[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://www.povonsec.com/apache-2-4-7-exploit/

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/rd336919f655b7[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

Details

Source: MITRE

Published: 2014-07-20

Updated: 2021-06-06

Type: CWE-362

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

Tenable Plugins

View all (48 total)

IDNameProductFamilySeverity
144289IBM HTTP Server 8.5.0.0 <= 8.5.5.2 / 8.0.0.0 <= 8.0.0.9 / 7.0.0.0 <= 7.0.0.33 / 6.1.0.0. <= 6.1.0.47 / 6.0.2.0 <= 6.0.2.43 Multiple Vulnerabilities (509275)NessusWeb Servers
high
124922EulerOS Virtualization 3.0.1.0 : httpd (EulerOS-SA-2019-1419)NessusHuawei Local Security Checks
critical
700510Mac OS X 10.10.x < 10.10.3 Multiple VulnerabilitiesNessus Network MonitorOperating System Detection
critical
98906Apache 2.4.x < 2.4.10 Multiple VulnerabilitiesWeb Application ScanningComponent Vulnerability
high
84923HP System Management Homepage 7.3.x / 7.4.x < 7.5.0 Multiple Vulnerabilities (FREAK)NessusWeb Servers
high
84878Juniper NSM < 2012.2R9 Apache HTTP Server Multiple Vulnerabilities (JSA10685) (credentialed check)NessusMisc.
medium
84877Juniper NSM < 2012.2R9 Apache HTTP Server Multiple Vulnerabilities (JSA10685)NessusMisc.
medium
83632SUSE SLES10 Security Update : apache2 (SUSE-SU-2014:1082-1)NessusSuSE Local Security Checks
medium
82733GLSA-201504-03 : Apache: Multiple vulnerabilitiesNessusGentoo Local Security Checks
medium
82700Mac OS X Multiple Vulnerabilities (Security Update 2015-004) (FREAK)NessusMacOS X Local Security Checks
critical
82699Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities (FREAK)NessusMacOS X Local Security Checks
critical
82346Mandriva Linux Security Advisory : apache (MDVSA-2015:093)NessusMandriva Local Security Checks
medium
82211Debian DLA-66-1 : apache2 security updateNessusDebian Local Security Checks
medium
81401IBM WebSphere Application Server 8.0 < Fix Pack 10 Multiple Vulnerabilities (POODLE)NessusWeb Servers
medium
81002Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (January 2015 CPU)NessusWeb Servers
high
80912Oracle Secure Global Desktop Multiple Vulnerabilities (January 2015 CPU) (POODLE)NessusMisc.
medium
80589Oracle Solaris Third-Party Patch Update : apache (multiple_denial_of_service_dos5)NessusSolaris Local Security Checks
medium
80398IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.4 Multiple Vulnerabilities (POODLE)NessusWeb Servers
medium
80043openSUSE Security Update : apache2 (openSUSE-SU-2014:1647-1)NessusSuSE Local Security Checks
medium
78604IBM WebSphere Application Server 7.0 < Fix Pack 35 Multiple VulnerabilitiesNessusWeb Servers
medium
78332Amazon Linux AMI : httpd24 (ALAS-2014-389)NessusAmazon Linux Local Security Checks
medium
78331Amazon Linux AMI : httpd (ALAS-2014-388)NessusAmazon Linux Local Security Checks
medium
77531Apache 2.2.x < 2.2.28 Multiple VulnerabilitiesNessusWeb Servers
high
77456GLSA-201408-12 : Apache HTTP Server: Multiple vulnerabilitiesNessusGentoo Local Security Checks
medium
77357RHEL 5 : JBoss Web Server (RHSA-2014:1088)NessusRed Hat Local Security Checks
medium
77356RHEL 6 : JBoss Web Server (RHSA-2014:1087)NessusRed Hat Local Security Checks
medium
77292openSUSE Security Update : apache2 (openSUSE-SU-2014:1044-1)NessusSuSE Local Security Checks
medium
77291openSUSE Security Update : apache2 (openSUSE-SU-2014:1045-1)NessusSuSE Local Security Checks
medium
77207Fedora 19 : httpd-2.4.10-1.fc19 (2014-9057)NessusFedora Local Security Checks
medium
77079RHEL 6 : JBoss EAP (RHSA-2014:1020)NessusRed Hat Local Security Checks
medium
77078RHEL 5 : JBoss EAP (RHSA-2014:1019)NessusRed Hat Local Security Checks
medium
77048SuSE 11.3 Security Update : Apache Web Server (SAT Patch Number 9542)NessusSuSE Local Security Checks
medium
76923Mandriva Linux Security Advisory : apache (MDVSA-2014:142)NessusMandriva Local Security Checks
medium
76905RHEL 7 : httpd (RHSA-2014:0921)NessusRed Hat Local Security Checks
medium
8343Apache HTTP Server 2.4.1 to 2.4.4, 2.4.6, 2.4.7, 2.4.9 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
medium
76852Fedora 20 : httpd-2.4.10-1.fc20 (2014-8742)NessusFedora Local Security Checks
medium
76844Debian DSA-2989-1 : apache2 - security updateNessusDebian Local Security Checks
medium
76780FreeBSD : apache22 -- several vulnerabilities (f927e06c-1109-11e4-b090-20cf30e32f6d)NessusFreeBSD Local Security Checks
medium
76757Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS : apache2 vulnerabilities (USN-2299-1)NessusUbuntu Local Security Checks
medium
76753Scientific Linux Security Update : httpd on SL5.x, SL6.x i386/x86_64 (20140723)NessusScientific Linux Local Security Checks
medium
76749RHEL 5 / 6 : httpd (RHSA-2014:0920)NessusRed Hat Local Security Checks
medium
76745Oracle Linux 7 : httpd (ELSA-2014-0921)NessusOracle Linux Local Security Checks
medium
76744Oracle Linux 5 / 6 : httpd (ELSA-2014-0920)NessusOracle Linux Local Security Checks
medium
76716CentOS 7 : httpd (CESA-2014:0921)NessusCentOS Local Security Checks
medium
76715CentOS 5 / 6 : httpd (CESA-2014:0920)NessusCentOS Local Security Checks
medium
76712Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : httpd (SSA:2014-204-01)NessusSlackware Local Security Checks
medium
76622Apache 2.4.x < 2.4.10 Multiple VulnerabilitiesNessusWeb Servers
high
76614FreeBSD : apache24 -- several vulnerabilities (4364e1f1-0f44-11e4-b090-20cf30e32f6d)NessusFreeBSD Local Security Checks
medium