4.3 - CVE-2013-4352

Executive Summary

Informations
Name	CVE-2013-4352	First vendor Publication	2014-07-20
Vendor	Cve	Last vendor Modification	2023-11-07

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Cvss Base Score	4.3	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The cache_invalidate function in modules/cache/cache_storage.c in the mod_cache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is enabled, allows remote HTTP servers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger a missing hostname value.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4352

CPE : Common Platform Enumeration

Type	Description	Count
Application	Apache Http Server cpe:2.3:a:apache:http_server:2.4.6:::::::*	1

Snort® IPS/IDS

Date	Description
2015-09-15	Apache HTTP server mod_cache denial of service attempt RuleID : 35532 - Revision : 3 - Type : SERVER-WEBAPP
2015-09-15	Apache HTTP server mod_cache denial of service attempt RuleID : 35531 - Revision : 3 - Type : SERVER-WEBAPP

Nessus® Vulnerability Scanner

Date	Description
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_apache_20141014.nasl - Type : ACT_GATHER_INFO
2014-08-21	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-503.nasl - Type : ACT_GATHER_INFO
2014-07-30	Name : The remote web server is affected by a denial of service vulnerability. File : apache_2_4_7.nasl - Type : ACT_GATHER_INFO
2014-07-30	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0921.nasl - Type : ACT_GATHER_INFO
2014-07-24	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0921.nasl - Type : ACT_GATHER_INFO
2014-07-24	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0921.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
CONFIRM	http://httpd.apache.org/security/vulnerabilities_24.html http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/cache_storage.c http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/cache_storage.c?... https://bugzilla.redhat.com/show_bug.cgi?id=1120604

Alert History

If you want to see full details history, please login or register.

Date	Informations
2023-11-07 21:45:24	Multiple Updates
2021-06-06 17:23:01	Multiple Updates
2021-05-04 12:28:55	Multiple Updates
2021-04-22 01:35:05	Multiple Updates
2021-03-30 17:22:49	Multiple Updates
2020-05-23 00:38:00	Multiple Updates
2019-08-15 13:19:32	Multiple Updates
2016-07-21 12:03:43	Multiple Updates
2015-09-15 21:22:51	Multiple Updates
2015-01-21 13:26:21	Multiple Updates
2014-08-22 13:26:46	Multiple Updates
2014-08-05 00:22:52	Multiple Updates
2014-07-31 13:24:45	Multiple Updates
2014-07-25 13:21:37	Multiple Updates
2014-07-22 05:26:42	Multiple Updates
2014-07-20 17:21:38	First insertion

Global Informations

Type	Count
CPE ID(s)	1
Sources(s)	16
Snort® Rule(s)	2
Nessus® Exploit(s)	6

	Related
6.8	RHSA-2014:0922
6.8	RHSA-2014:0921
5.5	CVE-2020-13938
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 3 more Alert(s)

4.3 - CVE-2013-4352

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CPE : Common Platform Enumeration

Snort® IPS/IDS

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU