icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Apache-SSL Environment Variables Manipulation

Medium

Synopsis

The remote web server is prone to a memory disclosure / privilege escalation attack.

Description

According to its banner, the version of Apache-SSL installed on the remote host is older than apache_1.3.41+ssl_1.59. Such versions fail to properly sanitize certificate data before using it to populate environment variables. By sending a client certificate with special characters for the subject, a remote attacker can overwrite certain environment variables used by the web server, resulting in memory disclosure or potential privilege escalation in a web application.

Solution

Upgrade to apache_1.3.41+ssl_1.59 or higher.