Apache 2.0.x < 2.0.51 Multiple Vulnerabilities (OF, DoS)

Medium Nessus Plugin ID 14748

Synopsis

The remote web server is affected by multiple vulnerabilities.

Description

According to its Server response header, the remote host is running a version of Apache 2.0.x prior to 2.0.51. It is, therefore, affected by multiple vulnerabilities :

- An input validation issue in apr-util can be triggered by malformed IPv6 literal addresses and result in a buffer overflow (CVE-2004-0786).

- There is a buffer overflow that can be triggered when expanding environment variables during configuration file parsing (CVE-2004-0747).

- A segfault in mod_dav_ds when handling an indirect lock refresh can lead to a process crash (CVE-2004-0809).

- A segfault in the SSL input filter can be triggered if using 'speculative' mode by, for instance, a proxy request to an SSL server (CVE-2004-0751).

- There is the potential for an infinite loop in mod_ssl (CVE-2004-0748).

Solution

Upgrade to Apache 2.0.51 or later.

See Also

https://bz.apache.org/bugzilla/show_bug.cgi?id=31183

https://archive.apache.org/dist/httpd/CHANGES_2.0

Plugin Details

Severity: Medium

ID: 14748

File Name: apache_2_0_51.nasl

Version: 1.30

Type: remote

Family: Web Servers

Published: 2004/09/16

Updated: 2018/11/15

Dependencies: 48204

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5.1

Temporal Score: 4

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

CVSS v3.0

Base Score: 5.6

Temporal Score: 5.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apache:http_server

Required KB Items: installed_sw/Apache

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2004/07/08

Reference Information

CVE: CVE-2004-0747, CVE-2004-0748, CVE-2004-0751, CVE-2004-0786, CVE-2004-0809

BID: 11185, 11187