CVE-2020-35452

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow

References

http://httpd.apache.org/security/vulnerabilities_24.html

https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cannounce.httpd.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.httpd.apache.org%3E

http://www.openwall.com/lists/oss-security/2021/06/10/5

https://security.netapp.com/advisory/ntap-20210702-0001/

https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html

https://www.debian.org/security/2021/dsa-4937

https://security.gentoo.org/glsa/202107-38

https://lists.fedoraproject.org/archives/list/[email protected]/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/

https://lists.fedoraproject.org/archives/list/[email protected]/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/

https://www.oracle.com/security-alerts/cpuoct2021.html

Details

Source: MITRE

Published: 2021-06-10

Updated: 2021-10-20

Type: CWE-787

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 7.3

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Impact Score: 3.4

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* versions from 2.4.0 to 2.4.46 (inclusive)

Configuration 2

OR

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Tenable Plugins

View all (25 total)

IDNameProductFamilySeverity
153682EulerOS 2.0 SP9 : httpd (EulerOS-SA-2021-2529)NessusHuawei Local Security Checks
critical
153679EulerOS 2.0 SP9 : httpd (EulerOS-SA-2021-2553)NessusHuawei Local Security Checks
critical
153355EulerOS 2.0 SP2 : httpd (EulerOS-SA-2021-2381)NessusHuawei Local Security Checks
critical
153184Photon OS 3.0: Httpd PHSA-2021-3.0-0257NessusPhotonOS Local Security Checks
high
153054EulerOS 2.0 SP5 : httpd (EulerOS-SA-2021-2333)NessusHuawei Local Security Checks
high
152332EulerOS 2.0 SP8 : httpd (EulerOS-SA-2021-2298)NessusHuawei Local Security Checks
high
151694openSUSE 15 Security Update : apache2 (openSUSE-SU-2021:2127-1)NessusSuSE Local Security Checks
critical
151522Amazon Linux AMI : httpd24 (ALAS-2021-1514)NessusAmazon Linux Local Security Checks
critical
151486Debian DLA-2706-1 : apache2 - LTS security updateNessusDebian Local Security Checks
critical
151485Debian DSA-4937-1 : apache2 - security updateNessusDebian Local Security Checks
critical
151436Photon OS 1.0: Httpd PHSA-2021-1.0-0409NessusPhotonOS Local Security Checks
critical
151272Amazon Linux 2 : httpd (ALAS-2021-1674)NessusAmazon Linux Local Security Checks
critical
151196Photon OS 2.0: Httpd PHSA-2021-2.0-0365NessusPhotonOS Local Security Checks
critical
151095SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2021:2127-1)NessusSuSE Local Security Checks
critical
151068openSUSE 15 Security Update : apache2 (openSUSE-SU-2021:0908-1)NessusSuSE Local Security Checks
critical
151010FreeBSD : Apache httpd -- Multiple vulnerabilities (cce76eca-ca16-11eb-9b84-d4c9ef517024)NessusFreeBSD Local Security Checks
critical
150983Amazon Linux 2 : httpd (ALAS-2021-1659)NessusAmazon Linux Local Security Checks
critical
150942Ubuntu 16.04 LTS : Apache HTTP Server vulnerabilities (USN-4994-2)NessusUbuntu Local Security Checks
critical
150940Ubuntu 18.04 LTS / 20.04 LTS / 20.10 / 21.04 : Apache HTTP Server vulnerabilities (USN-4994-1)NessusUbuntu Local Security Checks
critical
150902SUSE SLES11 Security Update : apache2 (SUSE-SU-2021:14749-1)NessusSuSE Local Security Checks
high
150877SUSE SLED12 / SLES12 Security Update : apache2 (SUSE-SU-2021:2006-1)NessusSuSE Local Security Checks
high
150876SUSE SLES15 Security Update : apache2 (SUSE-SU-2021:2004-1)NessusSuSE Local Security Checks
high
112806Apache 2.4.x < 2.4.48 Multiple VulnerabilitiesWeb Application ScanningComponent Vulnerability
critical
150334Slackware 14.0 / 14.1 / 14.2 / current : httpd (SSA:2021-158-01)NessusSlackware Local Security Checks
critical
150280Apache 2.4.x < 2.4.47 Multiple VulnerabilitiesNessusWeb Servers
critical