CVE-2012-0053

MEDIUM

Description

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.

References

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041

http://httpd.apache.org/security/vulnerabilities_22.html

http://kb.juniper.net/JSA10585

http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00026.html

http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00002.html

http://marc.info/?l=bugtraq&m=133294460209056&w=2

http://marc.info/?l=bugtraq&m=133494237717847&w=2

http://marc.info/?l=bugtraq&m=133951357207000&w=2

http://marc.info/?l=bugtraq&m=136441204617335&w=2

http://rhn.redhat.com/errata/RHSA-2012-0128.html

http://rhn.redhat.com/errata/RHSA-2012-0542.html

http://rhn.redhat.com/errata/RHSA-2012-0543.html

http://secunia.com/advisories/48551

http://support.apple.com/kb/HT5501

http://svn.apache.org/viewvc?view=revision&revision=1235454

http://www.debian.org/security/2012/dsa-2405

http://www.mandriva.com/security/advisories?name=MDVSA-2012:012

http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html

http://www.securityfocus.com/bid/51706

https://bugzilla.redhat.com/show_bug.cgi?id=785069

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

Details

Source: MITRE

Published: 2012-01-28

Updated: 2018-01-18

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*

cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*

Tenable Plugins

View all (36 total)

ID	Name	Product	Family	Severity
83578	SUSE SLES10 Security Update : apache2 (SUSE-SU-2013:0469-1)	Nessus	SuSE Local Security Checks	medium
80582	Oracle Solaris Third-Party Patch Update : apache (cve_2011_3607_buffer_overflow)	Nessus	Solaris Local Security Checks	medium
80192	Juniper Junos Space 11.1x < 13.1R1.6 Multiple Vulnerabilities (JSA10585)	Nessus	Junos Local Security Checks	medium
79733	F5 Networks BIG-IP : Apache HTTP server vulnerabilities (SOL15889)	Nessus	F5 Networks Local Security Checks	medium
78923	RHEL 5 / 6 : JBoss Web Server (RHSA-2012:0542)	Nessus	Red Hat Local Security Checks	medium
78168	F5 Networks BIG-IP : Apache vulnerability (SOL15273)	Nessus	F5 Networks Local Security Checks	medium
77326	Juniper NSM < 2012.2R9 Multiple Java and Apache Vulnerabilities (JSA10642)	Nessus	Misc.	critical
75789	openSUSE Security Update : apache2-201202 (openSUSE-SU-2012:0314-1)	Nessus	SuSE Local Security Checks	medium
74555	openSUSE Security Update : apache2 (openSUSE-2012-132)	Nessus	SuSE Local Security Checks	medium
69653	Amazon Linux AMI : httpd (ALAS-2012-46)	Nessus	Amazon Linux Local Security Checks	medium
68914	Apache 2.0.x < 2.0.65 Multiple Vulnerabilities	Nessus	Web Servers	high
68488	Oracle Linux 5 : httpd (ELSA-2012-0323)	Nessus	Oracle Linux Local Security Checks	medium
68458	Oracle Linux 6 : httpd (ELSA-2012-0128)	Nessus	Oracle Linux Local Security Checks	medium
6583	Mac OS X 10.7 < 10.7.5 Multiple Vulnerabilities	Nessus Network Monitor	Generic	critical
62214	Mac OS X 10.7.x < 10.7.5 Multiple Vulnerabilities (BEAST)	Nessus	MacOS X Local Security Checks	critical
62213	Mac OS X Multiple Vulnerabilities (Security Update 2012-004) (BEAST)	Nessus	MacOS X Local Security Checks	critical
61261	Scientific Linux Security Update : httpd on SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	medium
61245	Scientific Linux Security Update : httpd on SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	medium
59851	HP System Management Homepage < 7.1.1 Multiple Vulnerabilities	Nessus	Web Servers	high
59678	GLSA-201206-25 : Apache HTTP Server: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
58252	Fedora 15 : httpd-2.2.22-1.fc15 (2012-1642)	Nessus	Fedora Local Security Checks	medium
58166	SuSE 10 Security Update : Apache2 (ZYPP Patch Number 7972)	Nessus	SuSE Local Security Checks	medium
58085	RHEL 5 : httpd (RHSA-2012:0323)	Nessus	Red Hat Local Security Checks	medium
58050	Fedora 16 : httpd-2.2.22-1.fc16 (2012-1598)	Nessus	Fedora Local Security Checks	medium
58030	SuSE 11.1 Security Update : Apache2 (SAT Patch Number 5760)	Nessus	SuSE Local Security Checks	medium
57999	Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : apache2 vulnerabilities (USN-1368-1)	Nessus	Ubuntu Local Security Checks	medium
57960	CentOS 6 : httpd (CESA-2012:0128)	Nessus	CentOS Local Security Checks	medium
57931	RHEL 6 : httpd (RHSA-2012:0128)	Nessus	Red Hat Local Security Checks	medium
57892	Slackware 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / current : httpd (SSA:2012-041-01)	Nessus	Slackware Local Security Checks	medium
57851	Debian DSA-2405-1 : apache2 - multiple issues	Nessus	Debian Local Security Checks	medium
800552	Apache 2.2 < 2.2.22 Multiple Vulnerabilities	Log Correlation Engine	Web Servers	high
6302	Apache 2.2 < 2.2.22 Multiple Vulnerabilities	Nessus Network Monitor	Web Servers	medium
57819	Mandriva Linux Security Advisory : apache (MDVSA-2012:012)	Nessus	Mandriva Local Security Checks	medium
57792	Apache HTTP Server httpOnly Cookie Information Disclosure	Nessus	Web Servers	medium
57791	Apache 2.2.x < 2.2.22 Multiple Vulnerabilities	Nessus	Web Servers	medium
57786	FreeBSD : apache -- multiple vulnerabilities (4b7dbfab-4c6b-11e1-bc16-0023ae8e59f0)	Nessus	FreeBSD Local Security Checks	medium