RHEL 4 / 5 / 6 : mod_cluster-native (RHSA-2012:0037)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing a security update.

Description :

An updated mod_cluster-native package that fixes one security issue is
now available for JBoss Enterprise Application Platform 5.1.2 for Red
Hat Enterprise Linux 4, 5, and 6.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System
(CVSS) base score, which gives a detailed severity rating, is
available from the CVE link in the References section.

mod_cluster-native provides a native build of mod_cluster for the
Apache HTTP Server (httpd). mod_cluster is an httpd-based load
balancer. Like mod_jk, it uses a communication channel to forward
requests from httpd to an application server node.

It was found that mod_cluster allowed worker nodes to register on any
virtual host (vhost), regardless of the security constraints applied
to other vhosts. In a typical environment, there will be one vhost
configured internally for worker nodes, and another configured
externally for serving content. A remote attacker could use this flaw
to register an attacker-controlled worker node via an external vhost
that is not configured to apply security constraints, then use that
worker node to serve malicious content, intercept credentials, and
hijack user sessions. (CVE-2011-4608)

Users of mod_cluster-native should upgrade to this updated package,
which contains a backported patch to resolve this issue. Refer to the
Solution section for installation instructions.

See also :

https://www.redhat.com/security/data/cve/CVE-2011-4608.html
http://docs.redhat.com/docs/en-US/index.html
http://rhn.redhat.com/errata/RHSA-2012-0037.html

Solution :

Update the affected mod_cluster-native package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.2
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Red Hat Local Security Checks

Nessus Plugin ID: 64019 ()

Bugtraq ID: 51554

CVE ID: CVE-2011-4608