Apache mod_ssl ssl_compat_directive Function Overflow

This script is Copyright (C) 2002-2014 Thomas Reinke


Synopsis :

The remote web server is using a module that is affected by a remote
code execution vulnerability.

Description :

The remote host is using a version of mod_ssl that is older than
2.8.10.

This version is vulnerable to an off-by-one buffer overflow that could
allow a user with write access to .htaccess files to execute arbitrary
code on the system with permissions of the web server.

*** Note that several Linux distributions (such as RedHat) *** patched
the old version of this module. Therefore, this *** might be a false
positive. Please check with your vendor *** to determine if you really
are vulnerable to this flaw

See also :

http://marc.info/?l=vuln-dev&m=102477330617604&w=2
http://marc.info/?l=bugtraq&m=102513970919836&w=2

Solution :

Upgrade to mod_ssl version 2.8.10 or newer.

Risk factor :

Medium / CVSS Base Score : 4.6
(CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 3.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Web Servers

Nessus Plugin ID: 11039 ()

Bugtraq ID: 5084

CVE ID: CVE-2002-0653