Hayden Nier edited this page Dec 19, 2016 · 4 revisions

## CVE-2015-0253: Researched by Joshua James and Hayden Nier

#### Commits

###### Fixed

  • Github - Hash
  • Number: 6a974059190b8a0c7e499f4ab12fe108127099cb
  • Date: March 4, 2015

###### Introduced

  • Github - Hash
  • Number: 70188dee86bb700c271e69149bf991ed3a76ea7b
  • Date: May 7, 2011

#### Authors:

###### Fixer

  • covener
  • Eric Covener
  • Senior Software Engineer @ IBM
  • BS Computer Security 2003
  • No evidence of a bounty

###### Discoverer

  • Kurt Newman
  • Developer III @ cPanel
  • BS Computer Science 2001
  • No sign of bounty

###### Introducer

#### Mistake

The original code set and stored two variables within an if statement. If that if statement was not executed, the variables were not set properly. A later subroutine dereferences these variables, and since they are NULL and the NULL pointer dereference is not caught, the process crashes.

#### Description

A crash is possible if ErrorDocument is configured by pointing it to a local URL with the INCLUDES filter active. If this is done, a NULL entity is dereferenced, which leads to memory corruption and a segmentation fault crash. This was only an issue in the 2.4.12 release.

#### Tested

No

#### Exploits

Send a request that intentionally lacks a method, which will cause a DoS.

#### Discussion

Discussion - Link

The conversation is polite and professional. The bug is resolved just over a month later. There are three people involved. Mr. Newman highlights the bug with a log file showing the issue. Another user mentions having the same problem. Mr. Covener mentions that it was an issue in a specific release and posts shortly afterwards that it has been fixed.

This was fixed in patch 2.4.23.
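
The pattern described under Mistake, as a simplified C model added here for illustration; it is not httpd's code. The struct, field and function names, the toy request-line parser and the sample input are all assumptions. It shows the two fields left unset on the error path, the fix of assigning defaults there, and a consumer that checks for NULL instead of dereferencing blindly.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified request record (an assumption, not httpd's struct). */
struct req {
    const char *protocol;   /* e.g. "HTTP/1.1"; NULL until parsed */
    int         proto_num;  /* major * 1000 + minor; 0 until parsed */
    int         status;     /* 200 on success, 400 on a malformed line */
};

/* Flawed pattern: both fields are assigned only inside the success branch. */
static int parse_unsafe(struct req *r, const char *line)
{
    char method[16], uri[64];
    int major, minor;
    memset(r, 0, sizeof *r);
    if (sscanf(line, "%15s %63s HTTP/%d.%d", method, uri, &major, &minor) == 4) {
        r->protocol  = (major == 1 && minor == 1) ? "HTTP/1.1" : "HTTP/1.0";
        r->proto_num = major * 1000 + minor;
        r->status    = 200;
        return 0;
    }
    r->status = 400;        /* error path: protocol stays NULL, proto_num 0 */
    return -1;
}

/* Hardened pattern: the error path assigns safe defaults before returning. */
static int parse_fixed(struct req *r, const char *line)
{
    int rc = parse_unsafe(r, line);
    if (rc != 0) {
        r->protocol  = "HTTP/1.0";
        r->proto_num = 1000;
    }
    return rc;
}

/* Later consumer (stands in for error-document processing): returns -1
 * instead of dereferencing a protocol field that was never set. */
static int describe(const struct req *r, char *out, size_t n)
{
    if (r->protocol == NULL) return -1;
    return snprintf(out, n, "%d via %s", r->status, r->protocol);
}

int main(void)
{
    struct req r; char buf[64];
    parse_fixed(&r, "/ HTTP/1.1");          /* constructed sample line */
    if (describe(&r, buf, sizeof buf) > 0) puts(buf);
    return 0;
}
```

Without the NULL check in `describe`, the record produced by `parse_unsafe` on a malformed line would be dereferenced with `protocol == NULL`, which is the crash condition the section describes.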
