CVE-2013-6438
medium
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
5.0
Description
The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.
Predictions
Exploit likelihood
20%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
OS impact
Ubuntu Affected 4 releases
| Version | Status | Fixed in |
|---|---|---|
| 13.10 | Affected | โ |
| 12.10 | Affected | โ |
| 12.04 | Affected | โ |
| 10.04 | Affected | โ |
Debian Fixed 5 releases
| Version | Status | Fixed in |
|---|---|---|
| trixie | Fixed | 2.4.9-1 |
| sid | Fixed | 2.4.9-1 |
| forky | Fixed | 2.4.9-1 |
| bullseye | Fixed | 2.4.9-1 |
| bookworm | Fixed | 2.4.9-1 |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| apache | http_server | {"startIncluding":"2.2.0","endExcluding":"2.2.27"} | 2.2.27 |
| oracle | http_server | 10.1.3.5.0 | |
| oracle | http_server | 11.1.1.7.0 | |
| oracle | http_server | 12.1.2.0 | |
| oracle | http_server | 12.1.3.0 | |
| apache | http_server | {"startIncluding":"2.4.1","endExcluding":"2.4.9"} | 2.4.9 |
References
- https://security-tracker.debian.org/tracker/CVE-2013-6438
- http://advisories.mageia.org/MGASA-2014-0135.html
- http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698
- http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
- http://marc.info/?l=bugtraq&m=141017844705317&w=2
- http://marc.info/?l=bugtraq&m=141390017113542&w=2
- http://seclists.org/fulldisclosure/2014/Dec/23
- http://secunia.com/advisories/58230
- http://secunia.com/advisories/59315
- http://secunia.com/advisories/59345
- http://secunia.com/advisories/60536
- http://security.gentoo.org/glsa/glsa-201408-12.xml
- http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES
- http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/util.c
- http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/util.c?r1=1528718&r2=1556428&diff_format=h
- http://www-01.ibm.com/support/docview.wss?uid=swg21669554
- http://www-01.ibm.com/support/docview.wss?uid=swg21676091
- http://www-01.ibm.com/support/docview.wss?uid=swg21676092
- http://www.apache.org/dist/httpd/CHANGES_2.4.9
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
- http://www.securityfocus.com/archive/1/534161/100/0/threaded
- http://www.securityfocus.com/bid/66303
- http://www.ubuntu.com/usn/USN-2152-1
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.