Boletines de Vulnerabilidades

IBM Security Bulletin: Apache denial of service vulnerability in QRadar (CVE-2014-0118)

Información sobre el sistema
   
Software afectado IBM

Descripción
Open source Apache HTTP Server is vulnerable to a denial of service, caused by an error in the mod_deflate module as used in IBM QRadar 7.1 MR2 and IBM QRadar 7.2 MR3 CVE(s): CVE-2014-0118 Affected product(s) and affected version(s): IBM QRadar 7.1 MR2 Patch 7 or lower IBM QRadar 7.2 MR3 Patch 3 or lower Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21688967 X-Force

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_apache_denial_of_service_vulnerability_in_qradar_cve_2014_0118?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2014-0118 ,CVE-2014-0224 ,CVE-2013-4322 ,CVE-2014-0878 ,CVE-2014-0460 ,CVE-2014-6130 ,CVE-2014-4263 and CVE-2014-4244.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-11-05

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT