EulerOS 2.0 SP1 : httpd (EulerOS-SA-2017-1177)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote EulerOS host is missing multiple security updates.

Description :

According to the versions of the httpd packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :

- It was discovered that the httpd's mod_auth_digest
module did not properly initialize memory before using
it when processing certain headers related to digest
authentication. A remote attacker could possibly use
this flaw to disclose potentially sensitive information
or cause httpd child process to crash by sending
specially crafted requests to a server. (CVE-2017-9788)

- It was discovered that the use of httpd's
ap_get_basic_auth_pw() API function outside of the
authentication phase could lead to authentication
bypass. A remote attacker could possibly use this flaw
to bypass required authentication if the API was used
incorrectly by one of the modules used by httpd.
(CVE-2017-3167)

- A NULL pointer dereference flaw was found in the
httpd's mod_ssl module. A remote attacker could use
this flaw to cause an httpd child process to crash if
another module used by httpd called a certain API
function during the processing of an HTTPS request.
(CVE-2017-3169)

- A buffer over-read flaw was found in the httpd's
ap_find_token() function. A remote attacker could use
this flaw to cause httpd child process to crash via a
specially crafted HTTP request. (CVE-2017-7668)

- A buffer over-read flaw was found in the httpd's
mod_mime module. A user permitted to modify httpd's
MIME configuration could use this flaw to cause httpd
child process to crash. (CVE-2017-7679)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://www.nessus.org/u?1ceb54cb

Solution :

Update the affected httpd packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Huawei Local Security Checks

Nessus Plugin ID: 103015 ()

Bugtraq ID:

CVE ID: CVE-2017-3167
CVE-2017-3169
CVE-2017-7668
CVE-2017-7679
CVE-2017-9788

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now