GLSA-200602-03 : Apache: Multiple vulnerabilities

This script is Copyright (C) 2006-2014 Tenable Network Security, Inc.


Synopsis :

The remote Gentoo host is missing one or more security-related
patches.

Description :

The remote host is affected by the vulnerability described in GLSA-200602-03
(Apache: Multiple vulnerabilities)

Apache's mod_imap fails to properly sanitize the 'Referer' directive of
imagemaps in some cases, leaving the HTTP Referer header unescaped. A
flaw in mod_ssl can lead to a NULL pointer dereference if the site uses
a custom 'Error 400' document. These vulnerabilities were reported by
Marc Cox and Hartmut Keil, respectively.

Impact :

A remote attacker could exploit mod_imap to inject arbitrary HTML or
JavaScript into a user's browser to gather sensitive information.
Attackers could also cause a Denial of Service on hosts using the SSL
module (Apache 2.0.x only).

Workaround :

There is no known workaround at this time.

See also :

http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml

Solution :

All Apache users should upgrade to the latest version, depending on
whether they still use the old configuration style
(/etc/apache/conf/*.conf) or the new one (/etc/apache2/httpd.conf).

2.0.x users, new style config:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=www-servers/apache-2.0.55-r1'

2.0.x users, old style config:
    # emerge --sync
    # emerge --ask --oneshot --verbose '=www-servers/apache-2.0.54-r16'

1.x users, new style config:
    # emerge --sync
    # emerge --ask --oneshot --verbose '=www-servers/apache-1.3.34-r11'

1.x users, old style config:
    # emerge --sync
    # emerge --ask --oneshot --verbose '=www-servers/apache-1.3.34-r2'

Risk factor :

Medium / CVSS Base Score : 5.4
(CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 4.7
(CVSS2#E:H/RL:OF/RC:C)
Public Exploit Available : true

Family: Gentoo Local Security Checks

Nessus Plugin ID: 20874 (gentoo_GLSA-200602-03.nasl)

Bugtraq ID: 15834, 16152

CVE ID: CVE-2005-3352, CVE-2005-3357