http://apache.secsup.org/dist/httpd/Announcement2.html

CLA-2003:775

http://docs.info.apple.com/article.html?artnum=61798

APPLE-SA-2004-01-26

http://lists.apple.com/mhonarc/security-announce/msg00045.html

20031031 GLSA:  apache (200310-04)

200310-04

O-015

MDKSA-2003:103

RHSA-2003:320

HPSBUX0311-301

8926

9504

apache-modcgi-info-disclosure(13552)

[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20210330 svn commit: r1888194 [2/13] - /httpd/site/trunk/content/security/json/

[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

[httpd-cvs] 20210330 svn commit: r1073139 [2/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

The remote host appears to be running a version of Apache 2.x that is older than 2.0.48.  This version is vulnerable to a bug that may allow a rogue CGI to disable the httpd service by issuing over 4K of data to stderr. To exploit this flaw, an attacker would need the ability to upload a rogue CGI script to this server and to have it executed by the Apache daemon (httpd).

The remote host appears to be running a version of Apache which is older  than 1.3.29  There are several flaws in this version that may allow an attacker to possibly execute arbitrary code through mod_alias and mod_rewrite.

A buffer overflow in mod_alias and mod_rewrite was discovered in Apache versions 1.3.19 and earlier as well as Apache 2.0.47 and earlier. This happens when a regular expression with more than 9 captures is confined. An attacker would have to create a carefully crafted configuration file (.htaccess or httpd.conf) in order to exploit these problems.

As well, another buffer overflow in Apache 2.0.47 and earlier in mod_cgid's mishandling of CGI redirect paths could result in CGI output going to the wrong client when a threaded MPM is used.

Apache version 2.0.48 and 1.3.29 were released upstream to correct these bugs; backported patches have been applied to the provided packages.

The remote host is missing Security Update 2004-01-26.

This security update includes the following components :

 - Apache 1.3
 - Classic
 - Mail
 - Safari
 - Windows File Sharing

For MacOS 10.1.5, it only includes the following :

 - Mail

This update contains various fixes which may allow an attacker to execute arbitrary code on the remote host.

The remote host appears to be running a version of Apache 2.0.x prior to 2.0.48. It is, therefore, affected by multiple vulnerabilities :

  - The mod_rewrite and mod_alias modules fail to handle     regular expressions containing more than 9 captures     resulting in a buffer overflow.

  - A vulnerability may occur in the mod_cgid module caused     by the mishandling of CGI redirect paths. This could     cause Apache to send the output of a CGI program to the     wrong client.

ID	Name	Product	Family	Severity
2175	Apache < 2.0.48 Multiple Vulnerabilities	Nessus Network Monitor	Web Servers	high
2174	Apache < 1.3.29 Multiple Vulnerabilities	Nessus Network Monitor	Web Servers	high
14085	Mandrake Linux Security Advisory : apache (MDKSA-2003:103)	Nessus	Mandriva Local Security Checks	critical
12517	Mac OS X Multiple Vulnerabilities (Security Update 2004-01-26)	Nessus	MacOS X Local Security Checks	critical
11853	Apache 2.0.x < 2.0.48 Multiple Vulnerabilities (OF, Info Disc.)	Nessus	Web Servers	critical
800585	Apache < 1.3.29 Multiple Vulnerabilities	Log Correlation Engine	Web Servers	high
800583	Apache < 2.0.48 Multiple Vulnerabilities	Log Correlation Engine	Web Servers	high

CVE-2003-0789

HIGH

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Tenable Plugins

high

high

critical

critical

critical

high

high