NVD

Id
31706  
Name
CVE-2014-3523  
Description
Memory leak in the winnt_accept function in server/mpm/winnt/child.c in the WinNT MPM in the Apache HTTP Server 2.4.x before 2.4.10 on Windows, when the default AcceptFilter is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted requests.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-19  
Published
2014-07-20  
Modified Date
2016-11-28  
Seq
2014-3523  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
166548 31706 CVE-2014-3523 http://httpd.apache.org/security/vulnerabilities_24.html  View
166549 31706 CVE-2014-3523 HPSBMU03380  View
166550 31706 CVE-2014-3523 HPSBMU03409  View
166551 31706 CVE-2014-3523 http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/winnt/child.c  View
166552 31706 CVE-2014-3523 http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/winnt/child.c?r1=1608785&r2=1610652&diff_format=h  View
166553 31706 CVE-2014-3523 68747  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
14601 JVNDB-2014-003476 Windows 上で稼動する Apache HTTP Server の WinNT MPM の server/mpm/winnt/child.c におけるサービス運用妨害 (DoS) の脆弱性 Windows 上で稼動する Apache HTTP Server の WinNT MPM の server/mpm/winnt/child.c 内の winnt_accept 関数には、デフォルトの AcceptFilter が有効な場合、メモリリークにより、サービス運用妨害 (メモリ消費) 状態にされる脆弱性が存在します。 CVE-2014-3523 70811 CVE-2014-3523 31706 5 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003476.html 2014-07-15 2015-06-08 View