Apache-SSL Environment Variables Manipulation

High Log Correlation Engine Plugin ID 800570


The remote web server is prone to a memory disclosure / privilege escalation attack.


According to its banner, the version of Apache-SSL installed on the remote host is older than apache_1.3.41+ssl_1.59. Such versions fail to properly sanitize certificate data before using it to populate environment variables. By sending a client certificate with special characters for the subject, a remote attacker can overwrite certain environment variables used by the web server, resulting in memory disclosure or potential privilege escalation in a web application.


Upgrade to apache_1.3.41+ssl_1.59 or higher.

See Also




Plugin Details

Severity: High

ID: 800570

File Name: 800570.prm

Family: Web Servers

Nessus ID: 31738

Risk Information

Risk Factor: High


Base Score: 6.4

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Reference Information

CVE: CVE-2008-0555

BID: 28576