Apache 2.2.x < 2.2.14 Multiple Vulnerabilities

high Nessus Plugin ID 42052

Synopsis

The remote web server is affected by multiple vulnerabilities.

Description

According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.14. It is, therefore, potentially affected by multiple vulnerabilities :

- Faulty error handling in the Solaris pollset support could lead to a denial of service. (CVE-2009-2699)

- The 'mod_proxy_ftp' module allows remote attackers to bypass intended access restrictions. (CVE-2009-3095)

- The 'ap_proxy_ftp_handler' function in 'modules/proxy/proxy_ftp.c' in the 'mod_proxy_ftp' module allows remote FTP servers to cause a denial of service. (CVE-2009-3094)

Note that the remote web server may not actually be affected by these vulnerabilities as Nessus did not try to determine whether the affected modules are in use or check for the issues themselves.

Solution

Upgrade to Apache version 2.2.14 or later. Alternatively, ensure that the affected modules are not in use.

See Also

http://www.securityfocus.com/advisories/17947

http://www.securityfocus.com/advisories/17959

http://www.nessus.org/u?e470f137

https://bz.apache.org/bugzilla/show_bug.cgi?id=47645

http://www.nessus.org/u?c34c4eda

Plugin Details

Severity: High

ID: 42052

File Name: apache_2_2_14.nasl

Version: 1.32

Type: remote

Family: Web Servers

Published: 10/7/2009

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apache:http_server

Required KB Items: installed_sw/Apache

Exploit Ease: No known exploits are available

Patch Publication Date: 10/5/2009

Vulnerability Publication Date: 10/5/2009

Reference Information

CVE: CVE-2009-2699, CVE-2009-3094, CVE-2009-3095

BID: 36254, 36260, 36596

CWE: 119, 264

Secunia: 36549