SUSE-SA:2004:032: apache2

Medium Nessus Plugin ID 14731


The remote host is missing a vendor-supplied security patch


The remote host is missing the patch for the advisory SUSE-SA:2004:032 (apache2).

The Apache daemon is running on most of the web-servers used in the Internet today.
The Red Hat ASF Security-Team and the Swedish IT Incident Center within the National Post and Telecom Agency (SITIC) have found a bug in apache2 each.
The first vulnerability appears in the apr_uri_parse() function while handling IPv6 addresses. The affected code passes a negative length argument to the memcpy() function. On BSD systems this can lead to remote command execution due to the nature of the memcpy() implementation.
On Linux this bug will result in a remote denial-of-service condition.
The second bug is a local buffer overflow that occurs while expanding ${ENVVAR} in the .htaccess and httpd.conf file. Both files are not writeable by normal user by default.


Plugin Details

Severity: Medium

ID: 14731

File Name: suse_SA_2004_032.nasl

Version: $Revision: 1.11 $

Agent: unix

Published: 2004/09/15

Modified: 2011/11/03

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list

Exploit Available: false

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2004-0747, CVE-2004-0786

BID: 11187, 11182