IBM HTTP Server 6.0 <= 6.0.2.43 (FP43) / 6.1 <= 6.1.0.47 (FP47) / 7.0 < 7.0.0.39 (FP39) / 8.0 < 8.0.0.11 (FP11) / 8.5 < 8.5.5.7 (FP7) Named Pipe DoS

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote IBM HTTP Server is affected by multiple vulnerabilities.

Description :

The IBM HTTP Server running on the remote host is version 6.0 prior to
or equal to 6.0.2.43, 6.1 prior to or equal to 6.1.0.47, 7.0 prior to
7.0.0.39, 8.0 prior to 8.0.0.11, or 8.5 prior to 8.5.5.7. It is,
therefore, affected by a flaw in the Apache Portable Runtime (APR)
that is triggered when an APR application is using APR named pipe
support on Windows. A local attacker can exploit this to conduct a
pipe squatting attack from a local process.

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg21959081

Solution :

Apply IBM 7.0 Fix Pack 39 (7.0.0.39) / 8.0 Fix Pack 11 (8.0.0.11) /
8.5 Fix Pack 7 (8.5.5.7) or later. Alternatively, apply the Interim
Fixes as recommended in the vendor advisory.

In the case of the 6.0 branch, apply IBM 6.0 Fix Pack 43 (6.0.2.43)
and then apply Interim Fix PI39833.

In the case of the 6.1 branch, apply IBM 6.1 Fix Pack 47 (6.1.0.47)
and then apply Interim Fix PI39833.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Web Servers

Nessus Plugin ID: 86019

Bugtraq ID: 75164

CVE ID: CVE-2015-1829
