Executive Summary

Informations
NameCVE-2013-2249First vendor Publication2013-07-23
VendorCveLast vendor Modification2017-01-06

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score7.5Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2249

CPE : Common Platform Enumeration

TypeDescriptionCount
Application220
Os1

Information Assurance Vulnerability Management (IAVM)

DateDescription
2013-07-25IAVM : 2013-A-0146 - Multiple Security Vulnerabilities in Apache HTTP Server
Severity : Category I - VMSKEY : V0039573

Nessus® Vulnerability Scanner

DateDescription
2016-06-23Name : The remote device is affected by multiple vulnerabilities.
File : juniper_space_jsa10698.nasl - Type : ACT_GATHER_INFO
2013-08-20Name : The remote Fedora host is missing a security update.
File : fedora_2013-13922.nasl - Type : ACT_GATHER_INFO
2013-08-10Name : The remote Fedora host is missing a security update.
File : fedora_2013-13994.nasl - Type : ACT_GATHER_INFO
2013-08-07Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2013-218-02.nasl - Type : ACT_GATHER_INFO
2013-07-23Name : The remote web server is affected by multiple vulnerabilities.
File : apache_2_4_6.nasl - Type : ACT_GATHER_INFO
2013-07-22Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_ca4d63fbf15c11e2b18320cf30e32f6d.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
CISCO http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-2249
CONFIRM http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698
http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/session/mod_session_db...
http://www.apache.org/dist/httpd/CHANGES_2.4.6
https://httpd.apache.org/security/vulnerabilities_24.html

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
DateInformations
2018-09-22 12:04:52
  • Multiple Updates
2018-04-19 12:04:11
  • Multiple Updates
2017-10-03 12:00:56
  • Multiple Updates
2017-07-25 12:02:22
  • Multiple Updates
2017-01-07 09:25:12
  • Multiple Updates
2016-09-30 01:04:12
  • Multiple Updates
2016-06-28 19:28:52
  • Multiple Updates
2016-06-24 13:26:47
  • Multiple Updates
2016-04-06 17:23:39
  • Multiple Updates
2015-10-20 16:19:21
  • Multiple Updates
2015-10-20 09:22:44
  • Multiple Updates
2014-02-17 11:19:17
  • Multiple Updates
2013-11-11 12:40:23
  • Multiple Updates
2013-08-30 17:22:42
  • Multiple Updates
2013-07-27 13:19:17
  • Multiple Updates
2013-07-23 21:19:19
  • First insertion