GLSA-200406-16 : Apache 1.3: Buffer overflow in mod_proxy
Critical Nessus Plugin ID 14527
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200406-16 (Apache 1.3: Buffer overflow in mod_proxy)
A bug in the proxy_util.c file may lead to a remote buffer overflow. To trigger the vulnerability an attacker would have to get mod_proxy to connect to a malicous server which returns an invalid (negative) Content-Length.
An attacker could cause a Denial of Service as the Apache child handling the request, which will die and under some circumstances execute arbitrary code as the user running Apache, usually 'apache'.
There is no known workaround at this time. All users are encouraged to upgrade to the latest available version:
SolutionApache 1.x users should upgrade to the latest version of Apache:
# emerge sync # emerge -pv '>=www-servers/apache-1.3.31-r2' # emerge '>=www-servers/apache-1.3.31-r2'