Detections
Analytics

IBM HTTP Server on Windows Apache Portable Runtime (APR) Named Pipe DoS

medium Nessus Plugin ID 84290

Language:

Synopsis

The remote web server may be affected by a denial of service vulnerability.

Description

According to its banner, the version of IBM HTTP Server running on the remote host is potentially affected by a denial of service vulnerability due to an error related to the included Apache Portable Runtime (APR) and named pipe handling. A local attacker, using a 'named pipe squatting attack' from a local process, can exploit this to cause a denial of service. This issue only affects IBM HTTP Server on Windows.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Also note that Nessus has not attempted to determine if the 'PI39833' interim fix or a later patch has been applied. If a patch has already been applied, consider this a false positive.

Solution

Upgrade to 6.0.2.43, 6.1.0.47, 7.0.0.37, 8.0.0.9, or 8.5.5.5. Then apply Interim Fix PI39833.

Note that the fix is scheduled to be included in the following versions :

 - 7.0.0.39
- 8.0.0.11
- 8.5.5.7

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg21959081

http://www-01.ibm.com/support/docview.wss?uid=swg24040155

Plugin Details

Severity: Medium

ID: 84290

File Name: ibm_http_server_PI39833.nasl

Version: 1.8

Type: remote

Family: Web Servers

Published: 6/19/2015

Updated: 11/22/2019

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 1.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2015-1829

Vulnerability Information

CPE: cpe:/a:ibm:http_server

Required KB Items: Settings/ParanoidReport, Host/OS, www/ibm-http

Exploit Ease: No known exploits are available

Patch Publication Date: 6/10/2015

Vulnerability Publication Date: 4/29/2015

Reference Information

CVE: CVE-2015-1829

BID: 75164