Detections
Analytics
Alibaba Cloud Linux 3 : 0133: httpd:2.4 (ALINUX3-SA-2022:0133)
high Nessus Plugin ID 236430
Synopsis
The remote Alibaba Cloud Linux host is missing one or more security updates.Description
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0133 advisory.Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities:
CVE-2020-13950:
Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service
CVE-2020-35452:
Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow
CVE-2021-33193:
A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.
CVE-2021-36160:
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).
CVE-2022-30184:
.NET and Visual Studio Information Disclosure Vulnerability.
CVE-2021-44224:
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).
Tenable has extracted the preceding description block directly from the Alibaba Cloud Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
http://mirrors.aliyun.com/alinux/3/cve/alinux3-sa-20220133.xml
Plugin Details
Severity: High
ID: 236430
File Name: alinux3_sa_2022-0133.nasl
Version: 1.1
Type: local
Published: 5/14/2025
Updated: 5/14/2025
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2020-35452
CVSS v3
Risk Factor: High
Base Score: 8.2
Temporal Score: 7.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CVSS Score Source: CVE-2021-44224
Vulnerability Information
CPE: p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:mod_ssl-debuginfo, cpe:/o:alibabacloud:alibaba_cloud_linux_3, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:httpd-filesystem, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:mod_ldap, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:mod_ldap-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:httpd-manual, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:httpd-devel, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:mod_proxy_html, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:mod_session, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:httpd-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:httpd-tools-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:mod_ssl, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:httpd-debugsource, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:httpd, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:httpd-tools, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:mod_session-debuginfo, p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:mod_proxy_html-debuginfo
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Alibaba/release, Host/Alibaba/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 7/21/2022
Vulnerability Publication Date: 6/1/2021
Reference Information
CVE: CVE-2020-13950, CVE-2020-35452, CVE-2021-33193, CVE-2021-36160, CVE-2021-44224, CVE-2022-30184