CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
99.6%
Marek Kroemeke discovered that the mod_proxy module incorrectly handled
certain requests. A remote attacker could use this issue to cause the
server to stop responding, leading to a denial of service. This issue only
affected Ubuntu 14.04 LTS. (CVE-2014-0117)
Giancarlo Pellegrino and Davide Balzarotti discovered that the mod_deflate
module incorrectly handled body decompression. A remote attacker could use
this issue to cause resource consumption, leading to a denial of service.
(CVE-2014-0118)
Marek Kroemeke and others discovered that the mod_status module incorrectly
handled certain requests. A remote attacker could use this issue to cause
the server to stop responding, leading to a denial of service, or possibly
execute arbitrary code. (CVE-2014-0226)
Rainer Jung discovered that the mod_cgid module incorrectly handled certain
scripts. A remote attacker could use this issue to cause the server to stop
responding, leading to a denial of service. (CVE-2014-0231)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 14.04 | noarch | apache2-bin | < 2.4.7-1ubuntu4.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | apache2 | < 2.4.7-1ubuntu4.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | apache2-dbg | < 2.4.7-1ubuntu4.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | apache2-dev | < 2.4.7-1ubuntu4.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | apache2-mpm-event | < 2.4.7-1ubuntu4.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | apache2-mpm-itk | < 2.4.7-1ubuntu4.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | apache2-mpm-prefork | < 2.4.7-1ubuntu4.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | apache2-mpm-worker | < 2.4.7-1ubuntu4.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | apache2-suexec | < 2.4.7-1ubuntu4.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | apache2-suexec-custom | < 2.4.7-1ubuntu4.1 | UNKNOWN |