1. CVE-Search
  2. CVE-2014-3581
ID CVE-2014-3581
Summary The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header.
References
Vulnerable Configurations
  • cpe:2.3:a:apache:apache_http_server:2.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:apache_http_server:2.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:apache_http_server:2.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:apache_http_server:2.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:apache_http_server:2.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:apache_http_server:2.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:apache_http_server:2.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:apache_http_server:2.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:apache_http_server:2.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:apache_http_server:2.4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:apache_http_server:2.4.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:apache_http_server:2.4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:apache_http_server:2.4.6:*:*:*:*:*:*:*
    cpe:2.3:a:apache:apache_http_server:2.4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:apache_http_server:2.4.7:*:*:*:*:*:*:*
    cpe:2.3:a:apache:apache_http_server:2.4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:apache_http_server:2.4.8:*:*:*:*:*:*:*
    cpe:2.3:a:apache:apache_http_server:2.4.8:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:apache_http_server:2.4.9:*:*:*:*:*:*:*
    cpe:2.3:a:apache:apache_http_server:2.4.9:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:apache_http_server:*:*:*:*:*:*:*:*
    cpe:2.3:a:apache:apache_http_server:*:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 29-08-2017 - 01:34)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
redhat via4
advisories
bugzilla
id 1149709
title CVE-2014-3581 httpd: NULL pointer dereference in mod_cache if Content-Type has empty value
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 7 is installed
      oval oval:com.redhat.rhba:tst:20150364027
    • OR
      • AND
        • comment httpd is earlier than 0:2.4.6-31.el7
          oval oval:com.redhat.rhsa:tst:20150325001
        • comment httpd is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20152194002
      • AND
        • comment httpd-devel is earlier than 0:2.4.6-31.el7
          oval oval:com.redhat.rhsa:tst:20150325003
        • comment httpd-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20152194004
      • AND
        • comment httpd-manual is earlier than 0:2.4.6-31.el7
          oval oval:com.redhat.rhsa:tst:20150325005
        • comment httpd-manual is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20152194006
      • AND
        • comment httpd-tools is earlier than 0:2.4.6-31.el7
          oval oval:com.redhat.rhsa:tst:20150325007
        • comment httpd-tools is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20152194008
      • AND
        • comment mod_ldap is earlier than 0:2.4.6-31.el7
          oval oval:com.redhat.rhsa:tst:20150325009
        • comment mod_ldap is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20152194010
      • AND
        • comment mod_proxy_html is earlier than 1:2.4.6-31.el7
          oval oval:com.redhat.rhsa:tst:20150325011
        • comment mod_proxy_html is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20152194012
      • AND
        • comment mod_session is earlier than 0:2.4.6-31.el7
          oval oval:com.redhat.rhsa:tst:20150325013
        • comment mod_session is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20152194014
      • AND
        • comment mod_ssl is earlier than 1:2.4.6-31.el7
          oval oval:com.redhat.rhsa:tst:20150325015
        • comment mod_ssl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20152194016
rhsa
id RHSA-2015:0325
released 2015-03-05
severity Low
title RHSA-2015:0325: httpd security, bug fix, and enhancement update (Low)
rpms
  • httpd24-httpd-0:2.4.6-22.el6
  • httpd24-httpd-0:2.4.6-25.el7
  • httpd24-httpd-debuginfo-0:2.4.6-22.el6
  • httpd24-httpd-debuginfo-0:2.4.6-25.el7
  • httpd24-httpd-devel-0:2.4.6-22.el6
  • httpd24-httpd-devel-0:2.4.6-25.el7
  • httpd24-httpd-manual-0:2.4.6-22.el6
  • httpd24-httpd-manual-0:2.4.6-25.el7
  • httpd24-httpd-tools-0:2.4.6-22.el6
  • httpd24-httpd-tools-0:2.4.6-25.el7
  • httpd24-mod_ldap-0:2.4.6-22.el6
  • httpd24-mod_ldap-0:2.4.6-25.el7
  • httpd24-mod_proxy_html-1:2.4.6-22.el6
  • httpd24-mod_proxy_html-1:2.4.6-25.el7
  • httpd24-mod_session-0:2.4.6-22.el6
  • httpd24-mod_session-0:2.4.6-25.el7
  • httpd24-mod_ssl-1:2.4.6-22.el6
  • httpd24-mod_ssl-1:2.4.6-25.el7
  • httpd-0:2.4.6-31.el7
  • httpd-debuginfo-0:2.4.6-31.el7
  • httpd-devel-0:2.4.6-31.el7
  • httpd-manual-0:2.4.6-31.el7
  • httpd-tools-0:2.4.6-31.el7
  • mod_ldap-0:2.4.6-31.el7
  • mod_proxy_html-1:2.4.6-31.el7
  • mod_session-0:2.4.6-31.el7
  • mod_ssl-1:2.4.6-31.el7
  • apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6
  • apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6
  • httpd24-0:2.4.6-59.ep7.el6
  • httpd24-debuginfo-0:2.4.6-59.ep7.el6
  • httpd24-devel-0:2.4.6-59.ep7.el6
  • httpd24-manual-0:2.4.6-59.ep7.el6
  • httpd24-tools-0:2.4.6-59.ep7.el6
  • mod_bmx-0:0.9.5-7.GA.ep7.el6
  • mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6
  • mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6
  • mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6
  • mod_ldap24-0:2.4.6-59.ep7.el6
  • mod_proxy24_html-1:2.4.6-59.ep7.el6
  • mod_session24-0:2.4.6-59.ep7.el6
  • mod_ssl24-1:2.4.6-59.ep7.el6
  • tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6
  • tomcat7-0:7.0.59-42_patch_01.ep7.el6
  • tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6
  • tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6
  • tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6
  • tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6
  • tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6
  • tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6
  • tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6
  • tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6
  • tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6
  • tomcat8-0:8.0.18-52_patch_01.ep7.el6
  • tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6
  • tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6
  • tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6
  • tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6
  • tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6
  • tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6
  • tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6
  • tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6
  • tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6
  • apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7
  • apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7
  • httpd24-0:2.4.6-59.ep7.el7
  • httpd24-debuginfo-0:2.4.6-59.ep7.el7
  • httpd24-devel-0:2.4.6-59.ep7.el7
  • httpd24-manual-0:2.4.6-59.ep7.el7
  • httpd24-tools-0:2.4.6-59.ep7.el7
  • mod_bmx-0:0.9.5-7.GA.ep7.el7
  • mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7
  • mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7
  • mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7
  • mod_ldap24-0:2.4.6-59.ep7.el7
  • mod_proxy24_html-1:2.4.6-59.ep7.el7
  • mod_session24-0:2.4.6-59.ep7.el7
  • mod_ssl24-1:2.4.6-59.ep7.el7
  • tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7
  • tomcat7-0:7.0.59-42_patch_01.ep7.el7
  • tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7
  • tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7
  • tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7
  • tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7
  • tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7
  • tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7
  • tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7
  • tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7
  • tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7
  • tomcat8-0:8.0.18-52_patch_01.ep7.el7
  • tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7
  • tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7
  • tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7
  • tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7
  • tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7
  • tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7
  • tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7
  • tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7
  • tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7
refmap via4
apple
  • APPLE-SA-2015-08-13-2
  • APPLE-SA-2015-09-16-4
bid 71656
confirm
gentoo GLSA-201610-02
mlist
  • [httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
sectrack 1031005
ubuntu USN-2523-1
xf apache-cve20143581-dos(97027)
Last major update 29-08-2017 - 01:34
Published 10-10-2014 - 10:55
Last modified 29-08-2017 - 01:34
Back to Top