IBM HTTP Server on Windows Apache Portable Runtime (APR) Named Pipe DoS

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote web server may be affected by a denial of service
vulnerability.

Description :

According to its banner, the version of IBM HTTP Server running on the
remote host is potentially affected by a denial of service
vulnerability due to an error related to the included Apache Portable
Runtime (APR) and named pipe handling. A local attacker, using a
'named pipe squatting attack' from a local process, can exploit this
to cause a denial of service. This issue only affects IBM HTTP Server
on Windows.

Note that Nessus has not tested for this issue but has instead relied
only on the application's self-reported version number.

Also note that Nessus has not attempted to determine if the 'PI39833'
interim fix or a later patch has been applied. If a patch has already
been applied, consider this a false positive.

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg21959081
http://www-01.ibm.com/support/docview.wss?uid=swg24040155

Solution :

Upgrade to 6.0.2.43, 6.1.0.47, 7.0.0.37, 8.0.0.9, or 8.5.5.5. Then
apply Interim Fix PI39833.

Note that the fix is scheduled to be included in the following
versions :

- 7.0.0.39
- 8.0.0.11
- 8.5.5.7

Risk factor :

Low / CVSS Base Score : 2.1
(CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 1.6
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Web Servers

Nessus Plugin ID: 84290

Bugtraq ID: 75164

CVE ID: CVE-2015-1829
