CVE-2014-8567

Published: Nov 14, 2014Modified: May 6, 2026

9.4

Vector

AV:N/AC:L/Au:N/C:N/I:C/A:C

Exploitability: 10.0 / Impact: 9.2

Source: NVD

Description

The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data.

Affected (7)

Products: Uninett: Mod Auth Mellon · Redhat: Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus, Enterprise Linux Server Eus, Enterprise Linux Server Tus, Enterprise Linux Workstation

Uninett

1 product

Mod Auth Mellon

Redhat

6 products

Enterprise Linux Desktop

Enterprise Linux Server

Enterprise Linux Server Aus

Enterprise Linux Server Eus

Enterprise Linux Server Tus

Enterprise Linux Workstation

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Uninett Mod Auth Mellon	Before 0.8.1

Configuration B

6 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 6.0
Redhat Enterprise Linux Server	Version 6.0
Redhat Enterprise Linux Server Aus	Version 6.6
Redhat Enterprise Linux Server Eus	Version 6.6
Redhat Enterprise Linux Server Tus	Version 6.6
Redhat Enterprise Linux Workstation	Version 6.0