CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-3639 – mod_auth_mellon: Open Redirect vulnerability in logout URLs
https://notcve.org/view.php?id=CVE-2021-3639
A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threat from this liability is to confidentiality and integrity. Se ha encontrado un fallo en mod_auth_mellon que no sanea correctamente las URL de cierre de sesión. Este problema podría ser usado por un atacante para facilitar los ataques de phishing engañando a usuarios para que visiten la URL de una aplicación web confiable que redirige a un servidor externo y potencialmente malicioso. • https://access.redhat.com/security/cve/CVE-2021-3639 https://bugzilla.redhat.com/show_bug.cgi?id=1980648 https://github.com/latchset/mod_auth_mellon/commit/42a11261b9dad2e48d70bdff7c53dd57a12db6f5 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6807
https://notcve.org/view.php?id=CVE-2017-6807
mod_auth_mellon before 0.13.1 is vulnerable to a Cross-Site Session Transfer attack, where a user with access to one web site running on a server can copy their session cookie to a different web site on the same server to get access to that site. mod_auth_mellon en versiones anteriores a 0.13.1 es vulnerable a un ataque de Transferencia de Sesión en Sitios Cruzados, donde un usuario con acceso a un sitio web ejecutándose en un servidor puede copiar su cookie de sesión a un sitio web diferente en el mismo servidor para obtener acceso a dicho sitio. • http://www.securityfocus.com/bid/96843 https://github.com/UNINETT/mod_auth_mellon/releases/tag/v0.13.1 https://sympa.uninett.no/lists/uninett.no/arc/modmellon/2017-03/msg00008.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-2145
https://notcve.org/view.php?id=CVE-2016-2145
The am_read_post_data function in mod_auth_mellon before 0.11.1 does not check if the ap_get_client_block function returns an error, which allows remote attackers to cause a denial of service (segmentation fault and process crash) via a crafted POST data. La función am_read_post_data en mod_auth_mellon en versiones anteriores a 0.11.1 no comprueba si la función ap_get_client_block devuelve un error, lo que permite a atacantes remotos provocar una denegación de servicio (fallo de segmentación y caída de proceso) a través de unos datos POST manipulados. • http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179085.html https://github.com/UNINETT/mod_auth_mellon/pull/71 https://sympa.uninett.no/lists/uninett.no/arc/modmellon/2016-03/msg00000.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-2146
https://notcve.org/view.php?id=CVE-2016-2146
The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data read, which allows remote attackers to cause a denial of service (worker process crash, web server deadlock, or memory consumption) via a large amount of POST data. La función am_read_post_data en mod_auth_mellon en versiones anteriores a 0.11.1 no limita la cantidad de lectura de datos, lo que permite a atacantes remotos provocar una denegación de servicio (caída del proceso trabajador, interbloqueo de servidor de red o consumo de memoria) a través de una gran cantidad de daots POST. • http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179085.html https://github.com/UNINETT/mod_auth_mellon/pull/71 https://sympa.uninett.no/lists/uninett.no/arc/modmellon/2016-03/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.4EPSS: 1%CPEs: 7EXPL: 0CVE-2014-8567 – mod_auth_mellon: logout processing leads to denial of service
https://notcve.org/view.php?id=CVE-2014-8567
The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data. El módulo mod_auth_mellon anterior a 0.8.1 permite a atacantes remotos causar una denegación de servicio (caída del servidor Apache HTTP) a través de una petición de apagado del servicio Apache manipulada. It was found that uninitialized data could be accessed when processing a user's logout request. By attempting to log out, a user could possibly cause the Apache HTTP Server to crash. • http://linux.oracle.com/errata/ELSA-2014-1803.html http://rhn.redhat.com/errata/RHSA-2014-1803.html http://secunia.com/advisories/62094 http://secunia.com/advisories/62125 https://github.com/UNINETT/mod_auth_mellon/commit/0f5b4fd860fa7e3a6c47201637aab05395f32647 https://postlister.uninett.no/sympa/arc/modmellon/2014-11/msg00000.html https://access.redhat.com/security/cve/CVE-2014-8567 https://bugzilla.redhat.com/show_bug.cgi?id=1157954 • CWE-399: Resource Management Errors •