CVE-2014-0098

httpd: mod_log_config does not properly handle logging certain cookies resulting in DoS

Severity Score

7.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.

La función log_cookie en mod_log_config.c en el módulo mod_log_config en el Apache HTTP Server anterior a 2.4.8 permite a atacantes remotos causar una denegación de servicio (fallo de segmentación y caída de demonio) a través de una cookie manipulada que no es manejada debidamente durante truncado.

Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module, a remote attacker could send a specially crafted DAV request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the "apache" user.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2013-12-03 CVE Reserved
2014-03-18 CVE Published
2024-08-06 CVE Updated
2025-05-04 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-125: Out-of-bounds Read

CAPEC

References (56)

URL	Tag	Source
http://advisories.mageia.org/MGASA-2014-0135.html	Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698	Third Party Advisory
http://seclists.org/fulldisclosure/2014/Dec/23	Mailing List
http://secunia.com/advisories/58230	Not Applicable
http://secunia.com/advisories/58915	Not Applicable
http://secunia.com/advisories/59219	Not Applicable
http://secunia.com/advisories/59315	Not Applicable
http://secunia.com/advisories/59345	Not Applicable
http://secunia.com/advisories/60536	Not Applicable
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15320.html	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21668973	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676091	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676092	Third Party Advisory
http://www.apache.org/dist/httpd/CHANGES_2.4.9	Broken Link
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	Third Party Advisory
http://www.securityfocus.com/archive/1/534161/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/66303	Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2014-0012.html	Third Party Advisory
https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in1	Third Party Advisory
https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E	Mailing List
https://puppet.com/security/cve/cve-2014-0098	Third Party Advisory
https://support.apple.com/HT204659	Third Party Advisory
https://support.apple.com/kb/HT6535	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c?r1=1575394&r2=1575400&diff_format=h	2023-11-07

URL	Date	SRC
http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html	2023-11-07
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html	2023-11-07
http://marc.info/?l=bugtraq&m=141017844705317&w=2	2023-11-07
http://marc.info/?l=bugtraq&m=141390017113542&w=2	2023-11-07
http://security.gentoo.org/glsa/glsa-201408-12.xml	2023-11-07
http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES	2023-11-07
http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c	2023-11-07
http://www.ubuntu.com/usn/USN-2152-1	2023-11-07
https://httpd.apache.org/security/vulnerabilities_24.html	2023-11-07
https://access.redhat.com/security/cve/CVE-2014-0098	2014-07-01
https://bugzilla.redhat.com/show_bug.cgi?id=1077871	2014-07-01

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				>= 2.2.0 < 2.2.27 Search vendor "Apache" for product "Http Server" and version " >= 2.2.0 < 2.2.27"		-		Affected
Apache Search vendor "Apache"		Http Server Search vendor "Apache" for product "Http Server"				>= 2.4.1 < 2.4.9 Search vendor "Apache" for product "Http Server" and version " >= 2.4.1 < 2.4.9"		-		Affected
Oracle Search vendor "Oracle"		Http Server Search vendor "Oracle" for product "Http Server"				10.1.3.5.0 Search vendor "Oracle" for product "Http Server" and version "10.1.3.5.0"		-		Affected
Oracle Search vendor "Oracle"		Http Server Search vendor "Oracle" for product "Http Server"				11.1.1.7.0 Search vendor "Oracle" for product "Http Server" and version "11.1.1.7.0"		-		Affected
Oracle Search vendor "Oracle"		Http Server Search vendor "Oracle" for product "Http Server"				12.1.2.0 Search vendor "Oracle" for product "Http Server" and version "12.1.2.0"		-		Affected
Oracle Search vendor "Oracle"		Http Server Search vendor "Oracle" for product "Http Server"				12.1.3.0 Search vendor "Oracle" for product "Http Server" and version "12.1.3.0"		-		Affected
Oracle Search vendor "Oracle"		Secure Global Desktop Search vendor "Oracle" for product "Secure Global Desktop"				4.63 Search vendor "Oracle" for product "Secure Global Desktop" and version "4.63"		-		Affected
Oracle Search vendor "Oracle"		Secure Global Desktop Search vendor "Oracle" for product "Secure Global Desktop"				4.71 Search vendor "Oracle" for product "Secure Global Desktop" and version "4.71"		-		Affected
Oracle Search vendor "Oracle"		Secure Global Desktop Search vendor "Oracle" for product "Secure Global Desktop"				5.0 Search vendor "Oracle" for product "Secure Global Desktop" and version "5.0"		-		Affected
Oracle Search vendor "Oracle"		Secure Global Desktop Search vendor "Oracle" for product "Secure Global Desktop"				5.1 Search vendor "Oracle" for product "Secure Global Desktop" and version "5.1"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				10.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "10.04"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				12.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.10"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				13.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "13.10"		-		Affected