GLSA-200509-12 : Apache, mod_ssl: Multiple vulnerabilities
Critical Nessus Plugin ID 19811
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200509-12 (Apache, mod_ssl: Multiple vulnerabilities)
mod_ssl contains a security issue when 'SSLVerifyClient optional' is configured in the global virtual host configuration (CAN-2005-2700).
Also, Apache's httpd includes a PCRE library, which makes it vulnerable to an integer overflow (CAN-2005-2491).
Under a specific configuration, mod_ssl does not properly enforce the client-based certificate authentication directive, 'SSLVerifyClient require', in a per-location context, which could be potentially used by a remote attacker to bypass some restrictions. By creating a specially crafted '.htaccess' file, a local attacker could possibly exploit Apache's vulnerability, which would result in a local privilege escalation.
There is no known workaround at this time.
SolutionAll mod_ssl users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-www/mod_ssl-2.8.24' All Apache 2 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=www-servers/apache-2.0.54-r15'