Oracle Solaris Third-Party Patch Update : apache (multiple_denial_of_service_dos5)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote Solaris system is missing a security patch for third-party
software.

Description :

The remote Solaris system is missing necessary patches to address
security updates :

- The cache_invalidate function in
modules/cache/cache_storage.c in the mod_cache module in
the Apache HTTP Server 2.4.6, when a caching forward
proxy is enabled, allows remote HTTP servers to cause a
denial of service (NULL pointer dereference and daemon
crash) via vectors that trigger a missing hostname
value. (CVE-2013-4352)

- The mod_proxy module in the Apache HTTP Server 2.4.x
before 2.4.10, when a reverse proxy is enabled, allows
remote attackers to cause a denial of service
(child-process crash) via a crafted HTTP Connection
header. (CVE-2014-0117)

- The deflate_in_filter function in mod_deflate.c in the
mod_deflate module in the Apache HTTP Server before
2.4.10, when request body decompression is enabled,
allows remote attackers to cause a denial of service
(resource consumption) via crafted request data that
decompresses to a much larger size. (CVE-2014-0118)

- Race condition in the mod_status module in the Apache
HTTP Server before 2.4.10 allows remote attackers to
cause a denial of service (heap-based buffer overflow),
or possibly obtain sensitive credential information or
execute arbitrary code, via a crafted request that
triggers improper scoreboard handling within the
status_handler function in
modules/generators/mod_status.c and the
lua_ap_scoreboard_worker function in
modules/lua/lua_request.c. (CVE-2014-0226)

- The mod_cgid module in the Apache HTTP Server before
2.4.10 does not have a timeout mechanism, which allows
remote attackers to cause a denial of service (process
hang) via a request to a CGI script that does not read
from its stdin file descriptor. (CVE-2014-0231)

See also :

http://www.nessus.org/u?b5f8def1
http://www.nessus.org/u?e221b264

Solution :

Upgrade to Solaris 11.2.2.5.0.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: Solaris Local Security Checks

Nessus Plugin ID: 80589 ()

Bugtraq ID:

CVE ID: CVE-2013-4352
CVE-2014-0117
CVE-2014-0118
CVE-2014-0226
CVE-2014-0231

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now