mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In affected versions missing input validation on mod_auth_openidc_session_chunks cookie value makes the server vulnerable to a denial of service (DoS) attack. An internal security audit has been conducted and the reviewers found that if they manipulated the value of the mod_auth_openidc_session_chunks cookie to a very large integer, like 99999999, the server struggles with the request for a long time and finally gets back with a 500 error. Making a few requests of this kind caused our server to become unresponsive. Attackers can craft requests that would make the server work very hard (and possibly become unresponsive) and/or crash with minimal effort. This issue has been addressed in version 2.4.15.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-5289 advisory.

    cjose     mod_auth_openidc     [2.4.9.4-6]
    - Resolves: RHEL-36492 Race condition in mod_auth_openidc filecache
    - Resolves: RHEL-25421 mod_auth_openidc: DoS when using         OIDCSessionType client-cookie and manipulating cookies         (CVE-2024-24814)

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:2299-1 advisory.

    - CVE-2024-24814: Fixed a bug that can led to DoS when `OIDCSessionType client-cookie` is set and a     crafted Cookie header is supplied. (bsc#1219911)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES12 / SLES_SAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0758-1 advisory.

  - mod_auth_openidc is an OpenID Certified authentication and authorization module for the Apache 2.x HTTP     server that implements the OpenID Connect Relying Party functionality. In affected versions missing input     validation on mod_auth_openidc_session_chunks cookie value makes the server vulnerable to a denial of     service (DoS) attack. An internal security audit has been conducted and the reviewers found that if they     manipulated the value of the mod_auth_openidc_session_chunks cookie to a very large integer, like     99999999, the server struggles with the request for a long time and finally gets back with a 500 error.
    Making a few requests of this kind caused our server to become unresponsive. Attackers can craft requests     that would make the server work very hard (and possibly become unresponsive) and/or crash with minimal     effort. This issue has been addressed in version 2.4.15.2. Users are advised to upgrade. There are no     known workarounds for this vulnerability. (CVE-2024-24814)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0757-1 advisory.

  - mod_auth_openidc is an OpenID Certified authentication and authorization module for the Apache 2.x HTTP     server that implements the OpenID Connect Relying Party functionality. In affected versions missing input     validation on mod_auth_openidc_session_chunks cookie value makes the server vulnerable to a denial of     service (DoS) attack. An internal security audit has been conducted and the reviewers found that if they     manipulated the value of the mod_auth_openidc_session_chunks cookie to a very large integer, like     99999999, the server struggles with the request for a long time and finally gets back with a 500 error.
    Making a few requests of this kind caused our server to become unresponsive. Attackers can craft requests     that would make the server work very hard (and possibly become unresponsive) and/or crash with minimal     effort. This issue has been addressed in version 2.4.15.2. Users are advised to upgrade. There are no     known workarounds for this vulnerability. (CVE-2024-24814)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3751 advisory.

  - mod_auth_openidc is an OpenID Certified authentication and authorization module for the Apache 2.x HTTP     server that implements the OpenID Connect Relying Party functionality. In affected versions missing input     validation on mod_auth_openidc_session_chunks cookie value makes the server vulnerable to a denial of     service (DoS) attack. An internal security audit has been conducted and the reviewers found that if they     manipulated the value of the mod_auth_openidc_session_chunks cookie to a very large integer, like     99999999, the server struggles with the request for a long time and finally gets back with a 500 error.
    Making a few requests of this kind caused our server to become unresponsive. Attackers can craft requests     that would make the server work very hard (and possibly become unresponsive) and/or crash with minimal     effort. This issue has been addressed in version 2.4.15.2. Users are advised to upgrade. There are no     known workarounds for this vulnerability. (CVE-2024-24814)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-3c0f2a2771 advisory.

  - mod_auth_openidc is an OpenID Certified authentication and authorization module for the Apache 2.x HTTP     server that implements the OpenID Connect Relying Party functionality. In affected versions missing input     validation on mod_auth_openidc_session_chunks cookie value makes the server vulnerable to a denial of     service (DoS) attack. An internal security audit has been conducted and the reviewers found that if they     manipulated the value of the mod_auth_openidc_session_chunks cookie to a very large integer, like     99999999, the server struggles with the request for a long time and finally gets back with a 500 error.
    Making a few requests of this kind caused our server to become unresponsive. Attackers can craft requests     that would make the server work very hard (and possibly become unresponsive) and/or crash with minimal     effort. This issue has been addressed in version 2.4.15.2. Users are advised to upgrade. There are no     known workarounds for this vulnerability. (CVE-2024-24814)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
205535	Oracle Linux 8 : mod_auth_openidc:2.3 (ELSA-2024-5289)	Nessus	Oracle Linux Local Security Checks	high
201907	SUSE SLES15 / openSUSE 15 Security Update : apache2-mod_auth_openidc (SUSE-SU-2024:2299-1)	Nessus	SuSE Local Security Checks	high
191705	SUSE SLES12 Security Update : apache2-mod_auth_openidc (SUSE-SU-2024:0758-1)	Nessus	SuSE Local Security Checks	high
191626	SUSE SLES15 / openSUSE 15 Security Update : apache2-mod_auth_openidc (SUSE-SU-2024:0757-1)	Nessus	SuSE Local Security Checks	high
191563	Debian dla-3751 : libapache2-mod-auth-openidc - security update	Nessus	Debian Local Security Checks	high
191473	Fedora 39 : mod_auth_openidc (2024-3c0f2a2771)	Nessus	Fedora Local Security Checks	high

Detections

Analytics

CVE-2024-24814

high

Tenable Plugins

high

high

high

high

high

high