SUSE-SA:2004:032: apache2

medium Nessus Plugin ID 14731

Synopsis

The remote host is missing a vendor-supplied security patch

Description

The remote host is missing the patch for the advisory SUSE-SA:2004:032 (apache2).


The Apache daemon is running on most of the web-servers used in the Internet today.
The Red Hat ASF Security-Team and the Swedish IT Incident Center within the National Post and Telecom Agency (SITIC) have found a bug in apache2 each.
The first vulnerability appears in the apr_uri_parse() function while handling IPv6 addresses. The affected code passes a negative length argument to the memcpy() function. On BSD systems this can lead to remote command execution due to the nature of the memcpy() implementation.
On Linux this bug will result in a remote denial-of-service condition.
The second bug is a local buffer overflow that occurs while expanding ${ENVVAR} in the .htaccess and httpd.conf file. Both files are not writeable by normal user by default.

Solution

http://www.suse.de/security/2004_32_apache2.html

Plugin Details

Severity: Medium

ID: 14731

File Name: suse_SA_2004_032.nasl

Version: 1.15

Agent: unix

Published: 9/15/2004

Updated: 1/14/2021

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2004-0747, CVE-2004-0786

BID: 11187, 11182