Vulnerability Description
The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending a request that lacks a method to an installation that enables the INCLUDES filter and has an ErrorDocument 400 directive specifying a local URI.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Http Server | 2.4.12 |
| Apple | Mac Os X | 10.10.4 |
| Apple | Mac Os X Server | 5.0.3 |
| Oracle | Linux | 7 |
| Oracle | Solaris | 11.3 |
References
- http://httpd.apache.org/security/vulnerabilities_24.htmlVendor Advisory
- http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.htmlMailing List
- http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.htmlMailing List
- http://rhn.redhat.com/errata/RHSA-2015-1666.html
- http://www.apache.org/dist/httpd/CHANGES_2.4Release NotesVendor Advisory
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.htmlThird Party Advisory
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.hThird Party Advisory
- http://www.securityfocus.com/bid/75964
- http://www.securitytracker.com/id/1032967
- https://bz.apache.org/bugzilla/show_bug.cgi?id=57531Issue Tracking
- https://github.com/apache/httpd/commit/6a974059190b8a0c7e499f4ab12fe108127099cb
- https://github.com/apache/httpd/commit/be0f5335e3e73eb63253b050fdc23f252f5c8ae3
- https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cd
- https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e10
- https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37
FAQ
What is CVE-2015-0253?
CVE-2015-0253 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL...
How severe is CVE-2015-0253?
CVE-2015-0253 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-0253?
Check the references section above for vendor advisories and patch information. Affected products include: Apache Http Server, Apple Mac Os X, Apple Mac Os X Server, Oracle Linux, Oracle Solaris.