The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mod_auth_mellon | Uninett | * | 0.8.1 (excluding) |