CVE-2014-3581

MEDIUM

Description

The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header.

References

http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html

http://rhn.redhat.com/errata/RHSA-2015-0325.html

http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?view=markup&pathrev=1627749

http://svn.apache.org/viewvc?view=revision&revision=1624234

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

http://www.securityfocus.com/bid/71656

http://www.securitytracker.com/id/1031005

http://www.ubuntu.com/usn/USN-2523-1

https://bugzilla.redhat.com/show_bug.cgi?id=1149709

https://exchange.xforce.ibmcloud.com/vulnerabilities/97027

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://security.gentoo.org/glsa/201610-02

https://support.apple.com/HT205219

https://support.apple.com/kb/HT205031

Details

Source: MITRE

Published: 2014-10-10

Updated: 2017-08-29

Type: CWE-399

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

cpe:2.3:a:apache:apache_http_server:2.4.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:apache_http_server:2.4.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:apache_http_server:2.4.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:apache_http_server:2.4.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:apache_http_server:2.4.4:*:*:*:*:*:*:*

cpe:2.3:a:apache:apache_http_server:2.4.5:*:*:*:*:*:*:*

cpe:2.3:a:apache:apache_http_server:2.4.6:*:*:*:*:*:*:*

cpe:2.3:a:apache:apache_http_server:2.4.7:*:*:*:*:*:*:*

cpe:2.3:a:apache:apache_http_server:2.4.8:*:*:*:*:*:*:*

cpe:2.3:a:apache:apache_http_server:2.4.9:*:*:*:*:*:*:*

cpe:2.3:a:apache:apache_http_server:*:*:*:*:*:*:*:* versions up to 2.4.10 (inclusive)

Tenable Plugins

View all (25 total)

ID	Name	Product	Family	Severity
124922	EulerOS Virtualization 3.0.1.0 : httpd (EulerOS-SA-2019-1419)	Nessus	Huawei Local Security Checks	high
98907	Apache 2.4.x < 2.4.12 Multiple Vulnerabilities	Web Application Scanning	Component Vulnerability	medium
93903	GLSA-201610-02 : Apache: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	medium
87458	RHEL 7 : JBoss Web Server (RHSA-2015:2660)	Nessus	Red Hat Local Security Checks	high
87457	RHEL 6 : JBoss Web Server (RHSA-2015:2659)	Nessus	Red Hat Local Security Checks	high
8981	Mac OS X < 10.10.5 Multiple Vulnerabilities	Nessus Network Monitor	Operating System Detection	high
86066	Mac OS X : OS X Server < 5.0.3 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	critical
85409	Mac OS X Multiple Vulnerabilities (Security Update 2015-006)	Nessus	MacOS X Local Security Checks	high
85408	Mac OS X 10.10.x < 10.10.5 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	high
83945	SUSE SLES12 Security Update : apache2 (SUSE-SU-2015:0974-1)	Nessus	SuSE Local Security Checks	medium
82916	Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : httpd (SSA:2015-111-03)	Nessus	Slackware Local Security Checks	medium
82657	SuSE 11.3 Security Update : apache2 (SAT Patch Number 10533)	Nessus	SuSE Local Security Checks	medium
82346	Mandriva Linux Security Advisory : apache (MDVSA-2015:093)	Nessus	Mandriva Local Security Checks	medium
82252	Scientific Linux Security Update : httpd on SL7.x x86_64	Nessus	Scientific Linux Local Security Checks	medium
82216	Debian DLA-71-1 : apache2 security update	Nessus	Debian Local Security Checks	medium
81888	CentOS 7 : httpd (CESA-2015:0325)	Nessus	CentOS Local Security Checks	medium
81837	Fedora 21 : httpd-2.4.10-15.fc21 (2014-17195)	Nessus	Fedora Local Security Checks	medium
81802	Oracle Linux 7 : httpd (ELSA-2015-0325)	Nessus	Oracle Linux Local Security Checks	medium
81755	Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : apache2 vulnerabilities (USN-2523-1)	Nessus	Ubuntu Local Security Checks	medium
81629	RHEL 7 : httpd (RHSA-2015:0325)	Nessus	Red Hat Local Security Checks	medium
81581	Fedora 20 : httpd-2.4.10-2.fc20 (2014-17153)	Nessus	Fedora Local Security Checks	medium
8937	Apache HTTP Server 2.4 < 2.4.12 DoS	Nessus Network Monitor	Web Servers	medium
81329	Amazon Linux AMI : httpd24 (ALAS-2015-483)	Nessus	Amazon Linux Local Security Checks	medium
81126	Apache 2.4.x < 2.4.12 Multiple Vulnerabilities	Nessus	Web Servers	medium
81116	FreeBSD : apache24 -- several vulnerabilities (5804b9d4-a959-11e4-9363-20cf30e32f6d)	Nessus	FreeBSD Local Security Checks	medium