Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM9D573F21D46EBA6196F1CCD9320BAF80E819F1541B6EB8C26E4C4AA09A2AD9F3
HistoryJun 16, 2018 - 7:37 p.m.

Security Bulletin: IBM Tealeaf Customer Experience is affected by a vulnerability in the Apache HTTP server, caused by an error in the mod_log_config module (CVE-2014-0098)

2018-06-1619:37:06
www.ibm.com
9

EPSS

0.224

Percentile

96.5%

JSON

Summary

Apache HTTP Server is vulnerable to a denial of service, caused by an error in the mod_log_config module.

Vulnerability Details

CVE-ID:CVE-2014-0098

DESCRIPTION: IBM Tealeaf Customer Experience’s PCA uses the Apache HTTP server to render its web console. Apache HTTP server is vulnerable to a denial of service caused by an error in the mod_log_config module.The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.

CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/91879

CVSS Environcomental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Affected Products and Versions

IBM Tealeaf Customer Experience v8.0-v8.8

Remediation/Fixes

Product

|

VRMF

|

Remediation/First Fix

—|—|—

IBM Tealeaf Customer Experience

|

8.8

| https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.8_IBMTealeaf_PCA-3625-4_SecurityRollup_FixPack

IBM Tealeaf Customer Experience

|

8.7

| https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.7_IBMTealeaf_PCA-3615-4_SecurityRollup_FixPack

IBM Tealeaf Customer Experience

|

8.6 and earlier

| You can contact the Technical Support team for guidance.
For versions before v8.7, IBM recommends upgrading to a later supported version of the product.

Workarounds and Mitigations

Customers can disable the PCA web console until mod_log_configure.so is updated to the version that fixes the vulnerability. If customers choose to disable the PCA web console, they can manually configure it by editing the Passive Capture Configuration and the Privacy Rules Configuration files as described below.

To disable the PCA web management console from starting up:
Refer to Disabling Web Server for the Web Console section in Passive Capture Guide.pdf

The basic steps are:
- From command line, enter the command:
tealeaf disable httpd
- Restart the PCA, enter the command: tealeaf restart all
- A message is displayed indicating the web management console is disabled:
tealeaf: notice: httpd is disabled.
Manual Configuration
For manual configuration, refer to the following sections in the PCA manual:

For the configuration file:
See section entitled: _Passive Capture Configuration File _

For privacy rules file:
See section entitled: PCA Web Console - Rules Tab
The actual rules format is detailed at the top of the configuration file itself.

Related

checkpoint_advisories 1
prion 1
nessus 44
httpd 2
cve 1
cvelist 1
fedora 2
ibm 12
veracode 1
openvas 33
nvd 1
f5 2
debiancve 1
amazon 2
ubuntucve 1
kaspersky 1
redhat 6
oraclelinux 2
securityvulns 8
mageia 1
threatpost 1
freebsd 1
slackware 1
centos 2
seebug 1
ubuntu 1
gentoo 1
suse 5
hackerone 2
oracle 2
checkpoint_advisories
checkpoint_advisories
Apache HTTP Server mod_log_config Denial of Service (CVE-2014-0098)
2014-04-02 00:00:00
prion
prion
Information disclosure
2014-03-18 05:18:00
nessus
nessus
IBM HTTP Server 8.5.0.0 <= 8.5.5.1 / 8.0.0.0 <= 8.0.0.8 / 7.0.0.0 <= 7.0.0.31 / 6.1.0.0 <= 6.1.0.47 (242057)
2020-12-15 00:00:00
Amazon Linux AMI : httpd24 (ALAS-2014-309)
2014-03-28 00:00:00
Fedora 20 : httpd-2.4.9-2.fc20 (2014-4555)
2014-03-31 00:00:00
httpd
httpd
Apache Httpd < 2.2.27 : mod_log_config crash
2014-02-25 00:00:00
Apache Httpd < 2.4.9 : mod_log_config crash
2014-02-25 00:00:00
cve
cve
CVE-2014-0098
2014-03-18 05:18:18
cvelist
cvelist
CVE-2014-0098
2014-03-18 01:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: httpd-2.4.9-2.fc20
2014-03-31 02:16:57
[SECURITY] Fedora 19 Update: httpd-2.4.9-1.fc19
2014-04-23 04:33:29
ibm
ibm
Security Bulletin: Rational Build Forge Security Advisory (CVE-2014-0098)
2018-06-17 04:53:16
Security Bulletin: IBM QRadar SIEM 7.1 MR2, 7.2 MR2, and 7.0 MR5 uses an Apache HTTP Server which contains a denial of service vulnerability (CVE-2014-0098)
2018-06-16 21:18:28
Security Bulletin: Potential Denial of Service in IBM HTTP Server CVE-2014-0098
2018-06-15 06:59:47
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:58:46
openvas
openvas
Fedora Update for httpd FEDORA-2014-4555
2014-04-03 00:00:00
Fedora Update for httpd FEDORA-2014-4555
2014-04-03 00:00:00
Amazon Linux: Security Advisory (ALAS-2014-309)
2015-09-08 00:00:00
nvd
nvd
CVE-2014-0098
2014-03-18 05:18:18
f5
f5
K15320 : Apache vulnerability CVE-2014-0098
2014-12-12 00:00:00
SOL15320 - Apache vulnerability CVE-2014-0098
2014-06-05 00:00:00
debiancve
debiancve
CVE-2014-0098
2014-03-18 05:18:18
amazon
amazon
Medium: httpd24
2014-03-24 23:33:00
Medium: httpd
2014-04-25 16:00:00
ubuntucve
ubuntucve
CVE-2014-0098
2014-03-18 00:00:00
kaspersky
kaspersky
KLA10067 DoS vulnerabilities in Apache httpd
2014-03-26 00:00:00
redhat
redhat
(RHSA-2014:0370) Moderate: httpd security update
2014-04-03 00:00:00
(RHSA-2014:0369) Moderate: httpd security update
2014-04-03 00:00:00
(RHSA-2014:0783) Moderate: Red Hat JBoss Web Server 2.0.1 httpd security and bug fix update
2014-06-23 17:50:43
oraclelinux
oraclelinux
httpd security update
2014-04-03 00:00:00
httpd security update
2014-04-03 00:00:00
securityvulns
securityvulns
Apache security vulnerabilities
2014-03-24 00:00:00
[ MDVSA-2014:065 ] apache
2014-03-24 00:00:00
APPLE-SA-2014-10-16-1 OS X Yosemite v10.10
2014-10-18 00:00:00
mageia
mageia
Updated apache packages fix security vulnerabilities
2014-03-19 21:40:14
threatpost
threatpost
Apache Update Resolves Security Vulnerabilities
2014-03-18 12:51:25
freebsd
freebsd
apache -- several vulnerabilities
2014-02-25 00:00:00
slackware
slackware
[slackware-security] httpd
2014-03-28 22:54:00
centos
centos
httpd, mod_ssl security update
2014-04-04 00:08:57
httpd, mod_ssl security update
2014-04-04 00:04:54
seebug
seebug
Apache HTTP Server多个拒绝服务漏洞
2014-03-20 00:00:00
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2014-03-24 00:00:00
gentoo
gentoo
Apache HTTP Server: Multiple vulnerabilities
2014-08-29 00:00:00
suse
suse
Security update for apache2 (important)
2014-09-02 19:04:20
Security update for the Apache Web Server (important)
2014-08-07 01:04:17
Security update for apache2 (important)
2014-09-02 20:04:23
hackerone
hackerone
Marktplaats: Multiple Apache 2.2.22 Vulnerabilities (XSS/ Code Exec/ DoS)
2015-06-09 17:47:58
U.S. Dept Of Defense: Out-of-date Version (Apache)
2016-11-24 15:09:27
oracle
oracle
Oracle Critical Patch Update - July 2014
2014-07-15 00:00:00
Oracle Critical Patch Update Advisory - January 2015
2015-03-10 00:00:00

EPSS

0.224

Percentile

96.5%

JSON
Related for 9D573F21D46EBA6196F1CCD9320BAF80E819F1541B6EB8C26E4C4AA09A2AD9F3
checkpoint_advisories1prion1nessus44httpd2cve1cvelist1fedora2ibm12veracode1openvas33nvd1f52debiancve1amazon2ubuntucve1kaspersky1redhat6oraclelinux2securityvulns8mageia1threatpost1freebsd1slackware1centos2seebug1ubuntu1gentoo1suse5hackerone2oracle2