Detections
Analytics

Apache 2.0.x < 2.0.51 Multiple Vulnerabilities (OF, DoS)

medium Nessus Plugin ID 14748

Language:

Synopsis

The remote web server is affected by multiple vulnerabilities.

Description

According to its Server response header, the remote host is running a version of Apache 2.0.x prior to 2.0.51. It is, therefore, affected by multiple vulnerabilities :

 - An input validation issue in apr-util can be triggered by malformed IPv6 literal addresses and result in a buffer overflow (CVE-2004-0786).

 - There is a buffer overflow that can be triggered when expanding environment variables during configuration file parsing (CVE-2004-0747).

 - A segfault in mod_dav_ds when handling an indirect lock refresh can lead to a process crash (CVE-2004-0809).

 - A segfault in the SSL input filter can be triggered if using 'speculative' mode by, for instance, a proxy request to an SSL server (CVE-2004-0751).

 - There is the potential for an infinite loop in mod_ssl (CVE-2004-0748).

Solution

Upgrade to Apache 2.0.51 or later.

See Also

https://bz.apache.org/bugzilla/show_bug.cgi?id=31183

https://archive.apache.org/dist/httpd/CHANGES_2.0

Plugin Details

Severity: Medium

ID: 14748

File Name: apache_2_0_51.nasl

Version: 1.30

Type: remote

Family: Web Servers

Published: 9/16/2004

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 5.1

Temporal Score: 4

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Medium

Base Score: 5.6

Temporal Score: 5.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apache:http_server

Required KB Items: installed_sw/Apache

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 7/8/2004

Reference Information

CVE: CVE-2004-0747, CVE-2004-0748, CVE-2004-0751, CVE-2004-0786, CVE-2004-0809

BID: 11185, 11187