CVE-2016-3110

mod_cluster, as used in Red Hat JBoss Web Server 2.1, allows remote attackers to cause a denial of service (Apache http server crash) via an MCMP message containing a series of = (equals) characters after a legitimate element.
References
Link Resource
http://rhn.redhat.com/errata/RHSA-2016-1648.html Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2016-1649.html Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2016-1650.html Broken Link
http://rhn.redhat.com/errata/RHSA-2016-2054.html Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2016-2055.html Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2016-2056.html Broken Link
http://www.securityfocus.com/bid/92584 Third Party Advisory VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1326320 Issue Tracking
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JMA2YLPK6SEUVF5Q3QEANHYEPRZA2RI/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CX5QNNIVAUB2VVDV6TR3YMFTL6VRKOBO/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HE5YZTBZRXCMQFT5LDLZG2HAYBKMYQLL/
http://rhn.redhat.com/errata/RHSA-2016-1648.html Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2016-1649.html Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2016-1650.html Broken Link
http://rhn.redhat.com/errata/RHSA-2016-2054.html Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2016-2055.html Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2016-2056.html Broken Link
http://www.securityfocus.com/bid/92584 Third Party Advisory VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1326320 Issue Tracking
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JMA2YLPK6SEUVF5Q3QEANHYEPRZA2RI/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CX5QNNIVAUB2VVDV6TR3YMFTL6VRKOBO/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HE5YZTBZRXCMQFT5LDLZG2HAYBKMYQLL/
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_web_server:2.1:*:*:*:*:*:*:*
OR cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*

History

21 Nov 2024, 02:49

Type Values Removed Values Added
References () http://rhn.redhat.com/errata/RHSA-2016-1648.html - Vendor Advisory () http://rhn.redhat.com/errata/RHSA-2016-1648.html - Vendor Advisory
References () http://rhn.redhat.com/errata/RHSA-2016-1649.html - Vendor Advisory () http://rhn.redhat.com/errata/RHSA-2016-1649.html - Vendor Advisory
References () http://rhn.redhat.com/errata/RHSA-2016-1650.html - Broken Link () http://rhn.redhat.com/errata/RHSA-2016-1650.html - Broken Link
References () http://rhn.redhat.com/errata/RHSA-2016-2054.html - Vendor Advisory () http://rhn.redhat.com/errata/RHSA-2016-2054.html - Vendor Advisory
References () http://rhn.redhat.com/errata/RHSA-2016-2055.html - Vendor Advisory () http://rhn.redhat.com/errata/RHSA-2016-2055.html - Vendor Advisory
References () http://rhn.redhat.com/errata/RHSA-2016-2056.html - Broken Link () http://rhn.redhat.com/errata/RHSA-2016-2056.html - Broken Link
References () http://www.securityfocus.com/bid/92584 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/92584 - Third Party Advisory, VDB Entry
References () https://bugzilla.redhat.com/show_bug.cgi?id=1326320 - Issue Tracking () https://bugzilla.redhat.com/show_bug.cgi?id=1326320 - Issue Tracking
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JMA2YLPK6SEUVF5Q3QEANHYEPRZA2RI/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JMA2YLPK6SEUVF5Q3QEANHYEPRZA2RI/ -
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CX5QNNIVAUB2VVDV6TR3YMFTL6VRKOBO/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CX5QNNIVAUB2VVDV6TR3YMFTL6VRKOBO/ -
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HE5YZTBZRXCMQFT5LDLZG2HAYBKMYQLL/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HE5YZTBZRXCMQFT5LDLZG2HAYBKMYQLL/ -

Information

Published : 2016-09-26 14:59

Updated : 2024-11-21 02:49


NVD link : CVE-2016-3110

Mitre link : CVE-2016-3110

CVE.ORG link : CVE-2016-3110


JSON object : View

Products Affected

redhat

  • jboss_enterprise_application_platform
  • enterprise_linux
  • jboss_enterprise_web_server

fedoraproject

  • fedora
CWE
CWE-20

Improper Input Validation