FreeBSD : Apache -- Multiple vulnerabilities (caf545f2-c0d9-11e9-9051-4c72b94353b5) (Internal Data Buffering)

Medium Nessus Plugin ID 127951

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 5.2

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

SO-AND-SO reports : SECURITY: CVE-2019-10081 mod_http2: HTTP/2 very early pushes, for example configured with 'H2PushResource', could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client. SECURITY: CVE-2019-9517 mod_http2: a malicious client could perform a DoS attack by flooding a connection with requests and basically never reading responses on the TCP connection. Depending on h2 worker dimensioning, it was possible to block those with relatively few connections. SECURITY:
CVE-2019-10098 rewrite, core: Set PCRE_DOTALL flag by default to avoid unpredictable matches and substitutions with encoded line break characters. SECURITY: CVE-2019-10092 Remove HTML-escaped URLs from canned error responses to prevent misleading text/links being displayed via crafted links. SECURITY: CVE-2019-10097 mod_remoteip:
Fix stack-based buffer overflow and NULL pointer deference when reading the PROXY protocol header. CVE-2019-10082 mod_http2: Using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.

Solution

Update the affected package.

See Also

http://www.apache.org/dist/httpd/CHANGES_2.4

http://www.nessus.org/u?d60028a5

Plugin Details

Severity: Medium

ID: 127951

File Name: freebsd_pkg_caf545f2c0d911e990514c72b94353b5.nasl

Version: 1.4

Type: local

Published: 2019/08/20

Updated: 2020/01/02

Dependencies: 12634

Risk Information

Risk Factor: Medium

VPR Score: 5.2

CVSS Score Source: CVE-2019-10082

CVSS v2.0

Base Score: 6.4

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

CVSS v3.0

Base Score: 9.1

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:apache24, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2019/08/17

Vulnerability Publication Date: 2019/08/14

Reference Information

CVE: CVE-2019-10081, CVE-2019-10082, CVE-2019-10092, CVE-2019-10098, CVE-2019-9517