Apache 2.2.x < 2.2.13 APR apr_palloc Heap Overflow

critical Nessus Plugin ID 57603

Synopsis

The remote web server is affected by a buffer overflow vulnerability.

Description

According to its self-reported banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.13. As such, it includes a bundled version of the Apache Portable Runtime (APR) library that contains a flaw in 'apr_palloc()' that could cause a heap overflow.

Note that the Apache HTTP server itself does not pass unsanitized, user-provided sizes to this function, so the flaw could only be triggered through some other application that uses the function in a vulnerable way.

Solution

Upgrade to Apache 2.2.13 or later.

See Also

http://httpd.apache.org/security/vulnerabilities_22.html

Plugin Details

Severity: Critical

ID: 57603

File Name: apache_2_2_13.nasl

Version: 1.7

Type: remote

Family: Web Servers

Published: 1/19/2012

Updated: 6/29/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apache:http_server

Required KB Items: installed_sw/Apache

Exploit Ease: No known exploits are available

Patch Publication Date: 8/9/2009

Vulnerability Publication Date: 8/4/2009

Reference Information

CVE: CVE-2009-2412

BID: 35949

CWE: 189