CVE-2016-3110 — Vulnetix

Try Vulnetix Request Demo

CVE-2016-3110 PUBLISHED CVSS 5 MEDIUM

mod_cluster, as used in Red Hat JBoss Web Server 2.1, allows remote attackers to cause a denial of service (Apache http server crash) via an MCMP message containing a series of = (equals) characters after a legitimate element.

EPSS 3.22% · 87.0th percentile

Risk Scores

CVSS v2.0

5

EPSS Score

3.22%

87.0th percentile

Affected Products

Vendor	Product	Versions
Maven	org.jboss.mod_cluster:mod_cluster-parent	0
n/a	n/a	n/a
fedoraproject	fedora	30, 28, 29
redhat	jboss_enterprise_web_server	2.1, 2.0.0
redhat	jboss_enterprise_application_platform	6.0.0, 6.4.0

Timeline

Sep 26, 2016 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score

References

https://github.com/modcluster/mod_cluster package
RHSA-2016:2056 vendor-advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1326320 url
RHSA-2016:1648 vendor-advisory
92584 vdb
RHSA-2016:2055 vendor-advisory
RHSA-2016:1649 vendor-advisory
RHSA-2016:1650 vendor-advisory
RHSA-2016:2054 vendor-advisory
FEDORA-2019-3877efca99 vendor-advisory
FEDORA-2019-7813edd5a2 vendor-advisory
FEDORA-2019-17556e2ad6 vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2016-3110 advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JMA2YLPK6SEUVF5Q3QEANHYEPRZA2RI url
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CX5QNNIVAUB2VVDV6TR3YMFTL6VRKOBO url
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HE5YZTBZRXCMQFT5LDLZG2HAYBKMYQLL url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JMA2YLPK6SEUVF5Q3QEANHYEPRZA2RI url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CX5QNNIVAUB2VVDV6TR3YMFTL6VRKOBO url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HE5YZTBZRXCMQFT5LDLZG2HAYBKMYQLL url
https://web.archive.org/web/20200227231527/http://www.securityfocus.com/bid/92584 url

Open in Interactive Console →