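Vulnerability details
mod_auth_mellon input validation error vulnerability
Vulnerability summary
mod_auth_mellon is an authentication module used with Apache.
mod_auth_mellon contains a security vulnerability: the program treats a received request containing backslashes as a relative URL, whereas browsers treat it as an absolute URL and convert the backslash characters into forward slashes. An attacker can exploit this to bypass the redirect URL logic.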
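The check described above, written out as an added example; it is not code from this advisory or from mod_auth_mellon. The function names and the host `sp.example.org` are assumptions made for illustration. It refuses any redirect target containing a backslash before deciding whether the URL is relative or absolute.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
/* Case-insensitive compare of the first n bytes; b must hold n bytes. */
static int ieq_n(const char *a, const char *b, size_t n)
{
    for (; n; a++, b++, n--)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
            return 0;
    return 1;
}

/* Hypothetical helper, not mod_auth_mellon's API. Returns 1 when url may be
 * used as a redirect target; allowed_host is the only absolute host accepted. */
int redirect_url_is_safe(const char *url, const char *allowed_host)
{
    const char *p;
    size_t hostlen;
    if (url == NULL || *url == '\0')
        return 0;
    /* Browsers rewrite '\' to '/', so a backslash can turn "relative" input
     * into an absolute URL. Refuse it, along with control characters. */
    for (p = url; *p; p++)
        if (*p == '\\' || (unsigned char)*p < 0x20 || *p == 0x7f)
            return 0;
    /* Relative path: one leading '/', never the scheme-relative "//host". */
    if (url[0] == '/')
        return url[1] != '/';
    /* Absolute URL: http(s) only, exact host match. */
    if (ieq_n(url, "https://", 8))
        p = url + 8;
    else if (ieq_n(url, "http://", 7))
        p = url + 7;
    else
        return 0;
    hostlen = strcspn(p, "/?#");
    /* Userinfo and ports need full URI parsing; this sketch refuses them. */
    if (memchr(p, '@', hostlen) || memchr(p, ':', hostlen))
        return 0;
    return hostlen == strlen(allowed_host) && ieq_n(p, allowed_host, hostlen);
}

int main(void)
{
    const char *s[] = { "/portal/", "/\\other.example/", "//other.example/" }; /* constructed */
    for (size_t i = 0; i < sizeof s / sizeof *s; i++)
        printf("%s -> %d\n", s[i], redirect_url_is_safe(s[i], "sp.example.org"));
    return 0;
}
```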
Vulnerability announcement
The vendor has released a patch that fixes the vulnerability. The patch is available at:
https://github.com/Uninett/mod_auth_mellon/commit/62041428a32de402e0be6ba45fe12df6a83bedb8
References
Source: CONFIRM
Link: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3877
Source: CONFIRM
Link: https://github.com/Uninett/mod_auth_mellon/issues/35
Source: CONFIRM
Link: https://github.com/Uninett/mod_auth_mellon/commit/62041428a32de402e0be6ba45fe12df6a83bedb8
Source: FEDORA
Link: https://lists.fedoraproject.org/archives/list/[email protected]/message/CNW5YMC5TLWVWNJEY6AIWNSNPRAMWPQJ/
Source: UBUNTU
Link: https://usn.ubuntu.com/3924-1/
Source: FEDORA
Link: https://lists.fedoraproject.org/archives/list/[email protected]/message/X7NLAU7KROWNTHAYSA2S67X347F42L2I/
Source: REDHAT
Link: https://access.redhat.com/errata/RHSA-2019:0766
Source: access.redhat.com
Link: https://access.redhat.com/errata/RHSA-2019:3421
Source: www.debian.org
Link: http://www.debian.org/security/2019/dsa-4414
Source: usn.ubuntu.com
Link: https://usn.ubuntu.com/3924-1/
Source: www.securityfocus.com
Link: http://www.securityfocus.com/bid/107556
Source: packetstormsecurity.com
Link: https://packetstormsecurity.com/files/152202/Debian-Security-Advisory-4414-1.html
Source: vigilance.fr
Link: https://vigilance.fr/vulnerability/Apache-mod-auth-mellon-open-redirect-via-Logout-URL-Checking-28828
Source: www.auscert.org.au
Link: https://www.auscert.org.au/bulletins/78058
Source: packetstormsecurity.com
Link: https://packetstormsecurity.com/files/152281/Ubuntu-Security-Notice-USN-3924-1.html
Source: packetstormsecurity.com
Link: https://packetstormsecurity.com/files/159676/Ubuntu-Security-Notice-USN-4597-1.html
Source: www.auscert.org.au
Link: https://www.auscert.org.au/bulletins/77698
Source: nvd.nist.gov
Link: https://nvd.nist.gov/vuln/detail/CVE-2019-3877
Source: www.auscert.org.au
Link: https://www.auscert.org.au/bulletins/ESB-2020.3653/
Affected entities
None available at this time
Patches
- Fix for the mod_auth_mellon security vulnerability<!--2019-3-25-->