CVE-2014-8566

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 15-11-2014 10:59

Last modified: - 02-10-2022 10:37

Total changes: - 2

Description

The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service (segmentation fault) via unspecified vectors related to a "session overflow" involving "sessions overlapping in memory."

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:N/C:P/I:N/A:P

Low

Attack complexity

Network

Attack vector

Low

Availability

Low

Confidentiality

None

Integrity

Privileges required

Scope

User interaction

6.4

Base score

10.0

4.9

Exploitability score

Impact score

Verification logic

Reference

62094-
RHSA-2014:1803-
https://github.com/UNINETT/mod_auth_mellon/releases/tag/v0.8.1
[modmellon] 20141103 Information disclosure vulnerability in version 0.8.0 of mod_auth_mellon-Patch, Vendor Advisory
62125-
http://linux.oracle.com/errata/ELSA-2014-1803.html

Keywords

CVE-2014-8566

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2014-8566

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures