CVE-2014-8566: Infoleak
First published: Sat Nov 15 2014(Updated: )
The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service (segmentation fault) via unspecified vectors related to a "session overflow" involving "sessions overlapping in memory."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Uninett Mod Auth Mellon | <=0.8.0 | |
| Oracle Linux | =6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://linux.oracle.com/errata/ELSA-2014-1803.html
- http://rhn.redhat.com/errata/RHSA-2014-1803.html
- http://secunia.com/advisories/62094
- http://secunia.com/advisories/62125
- https://github.com/UNINETT/mod_auth_mellon/releases/tag/v0.8.1
- https://postlister.uninett.no/sympa/arc/modmellon/2014-11/msg00000.html
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/uninett
- canonical/uninett mod auth mellon
- version/uninett mod auth mellon/0.8.0
- vendor/oracle
- canonical/oracle linux
- version/oracle linux/6