Web Servers : mod_ssl off by one

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 61204 CVE descriptions and 32582 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.11039

Category: Web Servers

Title: mod_ssl off by one

Summary: Checks for version of mod_ssl

Description:
The remote host is using a version of mod_ssl which is
older than 2.8.10.

This version is vulnerable to an off by one buffer overflow
which may allow a user with write access to .htaccess files
to execute arbitrary code on the system with permissions
of the web server.

*** Note that several Linux distributions (such as RedHat)
*** patched the old version of this module. Therefore, this
*** might be a false positive. Please check with your vendor
*** to determine if you really are vulnerable to this flaw

Solution : Upgrade to version 2.8.10 or newer

Cross-Ref: BugTraq ID: 5084
Common Vulnerability Exposure (CVE) ID: CVE-2002-0653
http://marc.theaimsgroup.com/?l=vuln-dev&m=102477330617604&w=2
Bugtraq: 20020624 Apache mod_ssl off-by-one vulnerability (Google Search)
http://marc.theaimsgroup.com/?l=bugtraq&m=102513970919836&w=2
http://www.redhat.com/support/errata/RHSA-2002-134.html
http://www.redhat.com/support/errata/RHSA-2002-135.html
http://www.redhat.com/support/errata/RHSA-2002-136.html
http://www.redhat.com/support/errata/RHSA-2002-146.html
RedHat Security Advisories: RHSA-2002:164
http://rhn.redhat.com/errata/RHSA-2002-164.html
http://www.redhat.com/support/errata/RHSA-2003-106.html
Caldera Security Advisory: CSSA-2002-031.0
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-031.0.txt
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-048.php
Debian Security Information: DSA-135 (Google Search)
http://www.debian.org/security/2002/dsa-135
En Garde Linux Advisory: ESA-20020702-017
http://marc.theaimsgroup.com/?l=bugtraq&m=102563469326072&w=2
SuSE Security Announcement: SuSE-SA:2002:028 (Google Search)
http://www.novell.com/linux/security/advisories/2002_028_mod_ssl.html
Conectiva Linux advisory: CLA-2002:504
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000504
Bugtraq: 20020628 TSL-2002-0058 - apache/mod_ssl (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2002-06/0350.html
HPdes Security Advisory: HPSBTL0207-052
http://archives.neohapsis.com/archives/hp/2002-q3/0018.html
http://www.securityfocus.com/bid/5084
http://www.iss.net/security_center/static/9415.php

Copyright This script is Copyright (C) 2002 Thomas Reinke

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

Test ID:	1.3.6.1.4.1.25623.1.0.11039
Category:	Web Servers
Title:	mod_ssl off by one
Summary:	Checks for version of mod_ssl
Description:	The remote host is using a version of mod_ssl which is older than 2.8.10. This version is vulnerable to an off by one buffer overflow which may allow a user with write access to .htaccess files to execute arbitrary code on the system with permissions of the web server. * Note that several Linux distributions (such as RedHat) * patched the old version of this module. Therefore, this * might be a false positive. Please check with your vendor * to determine if you really are vulnerable to this flaw Solution : Upgrade to version 2.8.10 or newer
Cross-Ref:	BugTraq ID: 5084 Common Vulnerability Exposure (CVE) ID: CVE-2002-0653 http://marc.theaimsgroup.com/?l=vuln-dev&m=102477330617604&w=2 Bugtraq: 20020624 Apache mod_ssl off-by-one vulnerability (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=102513970919836&w=2 http://www.redhat.com/support/errata/RHSA-2002-134.html http://www.redhat.com/support/errata/RHSA-2002-135.html http://www.redhat.com/support/errata/RHSA-2002-136.html http://www.redhat.com/support/errata/RHSA-2002-146.html RedHat Security Advisories: RHSA-2002:164 http://rhn.redhat.com/errata/RHSA-2002-164.html http://www.redhat.com/support/errata/RHSA-2003-106.html Caldera Security Advisory: CSSA-2002-031.0 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-031.0.txt http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-048.php Debian Security Information: DSA-135 (Google Search) http://www.debian.org/security/2002/dsa-135 En Garde Linux Advisory: ESA-20020702-017 http://marc.theaimsgroup.com/?l=bugtraq&m=102563469326072&w=2 SuSE Security Announcement: SuSE-SA:2002:028 (Google Search) http://www.novell.com/linux/security/advisories/2002_028_mod_ssl.html Conectiva Linux advisory: CLA-2002:504 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000504 Bugtraq: 20020628 TSL-2002-0058 - apache/mod_ssl (Google Search) http://archives.neohapsis.com/archives/bugtraq/2002-06/0350.html HPdes Security Advisory: HPSBTL0207-052 http://archives.neohapsis.com/archives/hp/2002-q3/0018.html http://www.securityfocus.com/bid/5084 http://www.iss.net/security_center/static/9415.php
Copyright	This script is Copyright (C) 2002 Thomas Reinke