High severity7.5NVD Advisory· Published Sep 26, 2016· Updated May 6, 2026
CVE-2016-3110
CVE-2016-3110
Description
mod_cluster, as used in Red Hat JBoss Web Server 2.1, allows remote attackers to cause a denial of service (Apache http server crash) via an MCMP message containing a series of = (equals) characters after a legitimate element.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jboss.mod_cluster:mod_cluster-parentMaven | < 1.3.3.Final | 1.3.3.Final |
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
20- rhn.redhat.com/errata/RHSA-2016-1648.htmlnvdVendor AdvisoryWEB
- rhn.redhat.com/errata/RHSA-2016-1649.htmlnvdVendor AdvisoryWEB
- rhn.redhat.com/errata/RHSA-2016-2054.htmlnvdVendor AdvisoryWEB
- rhn.redhat.com/errata/RHSA-2016-2055.htmlnvdVendor AdvisoryWEB
- www.securityfocus.com/bid/92584nvdThird Party AdvisoryVDB Entry
- github.com/advisories/GHSA-68qq-3phh-53j7ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2016-3110ghsaADVISORY
- rhn.redhat.com/errata/RHSA-2016-1650.htmlnvdBroken LinkWEB
- rhn.redhat.com/errata/RHSA-2016-2056.htmlnvdBroken LinkWEB
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingWEB
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JMA2YLPK6SEUVF5Q3QEANHYEPRZA2RIghsaWEB
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CX5QNNIVAUB2VVDV6TR3YMFTL6VRKOBOghsaWEB
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HE5YZTBZRXCMQFT5LDLZG2HAYBKMYQLLghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JMA2YLPK6SEUVF5Q3QEANHYEPRZA2RIghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CX5QNNIVAUB2VVDV6TR3YMFTL6VRKOBOghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HE5YZTBZRXCMQFT5LDLZG2HAYBKMYQLLghsaWEB
- web.archive.org/web/20200227231527/http://www.securityfocus.com/bid/92584ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JMA2YLPK6SEUVF5Q3QEANHYEPRZA2RI/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CX5QNNIVAUB2VVDV6TR3YMFTL6VRKOBO/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HE5YZTBZRXCMQFT5LDLZG2HAYBKMYQLL/nvd
News mentions
0No linked articles in our index yet.