English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 72022 CVE descriptions
and 38680 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.70737
Category:FreeBSD Local Security Checks
Title:FreeBSD Ports: apache
Summary:FreeBSD Ports: apache
Description:The remote host is missing an update to the system
as announced in the referenced advisory.

The following package is affected: apache

CVE-2011-3368
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42,
2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly
interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern
matches for configuration of a reverse proxy, which allows remote
attackers to send requests to intranet servers via a malformed URI
containing an initial @ (at sign) character.

CVE-2011-3607
Integer overflow in the ap_pregsub function in server/util.c in the
Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when
the mod_setenvif module is enabled, allows local users to gain
privileges via a .htaccess file with a crafted SetEnvIf directive, in
conjunction with a crafted HTTP request header, leading to a
heap-based buffer overflow.

CVE-2011-4317
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42,
2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision
1179239 patch is in place, does not properly interact with use of (1)
RewriteRule and (2) ProxyPassMatch pattern matches for configuration
of a reverse proxy, which allows remote attackers to send requests to
intranet servers via a malformed URI containing an @ (at sign)
character and a : (colon) character in invalid positions. NOTE: this
vulnerability exists because of an incomplete fix for CVE-2011-3368.

CVE-2012-0021
The log_cookie function in mod_log_config.c in the mod_log_config
module in the Apache HTTP Server 2.2.17 through 2.2.21, when a
threaded MPM is used, does not properly handle a %{}C format string,
which allows remote attackers to cause a denial of service (daemon
crash) via a cookie that lacks both a name and a value.

CVE-2012-0031
scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow
local users to cause a denial of service (daemon crash during
shutdown) or possibly have unspecified other impact by modifying a
certain type field within a scoreboard shared memory segment, leading
to an invalid call to the free function.

CVE-2012-0053
protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not
properly restrict header information during construction of Bad
Request (aka 400) error documents, which allows remote attackers to
obtain the values of HTTPOnly cookies via vectors involving a (1) long
or (2) malformed header in conjunction with crafted web script.

Solution:
Update your system with the appropriate patches or
software upgrades.

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-3368
http://www.exploit-db.com/exploits/17969
http://seclists.org/fulldisclosure/2011/Oct/232
http://seclists.org/fulldisclosure/2011/Oct/273
http://web.archiveorange.com/archive/v/ZyS0hzECD5zzb2NkvQlt
http://www.contextis.com/research/blog/reverseproxybypass/
AIX APAR: SE49723
http://www-01.ibm.com/support/docview.wss?uid=nas2064c7e5f53452ff686257927003c8d42
AIX APAR: SE49724
http://www-01.ibm.com/support/docview.wss?uid=nas2b7c57b1f1035675186257927003c8d48
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
HPdes Security Advisory: HPSBOV02822
http://marc.info/?l=bugtraq&m=134987041210674&w=2
HPdes Security Advisory: SSRT100966
http://www.mandriva.com/security/advisories?name=MDVSA-2011:144
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.redhat.com/support/errata/RHSA-2011-1391.html
http://www.redhat.com/support/errata/RHSA-2011-1392.html
SuSE Security Announcement: SUSE-SU-2011:1229 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html
SuSE Security Announcement: openSUSE-SU-2013:0243 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html
SuSE Security Announcement: openSUSE-SU-2013:0248 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html
BugTraq ID: 49957
http://www.securityfocus.com/bid/49957
http://osvdb.org/76079
http://www.securitytracker.com/id?1026144
http://secunia.com/advisories/46288
http://secunia.com/advisories/46414
http://secunia.com/advisories/48551
XForce ISS Database: apache-modproxy-information-disclosure(70336)
http://xforce.iss.net/xforce/xfdb/70336
Common Vulnerability Exposure (CVE) ID: CVE-2011-3607
http://archives.neohapsis.com/archives/fulldisclosure/2011-11/0023.html
http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/
http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/DemoExploit.html
HPdes Security Advisory: HPSBMU02786
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
HPdes Security Advisory: SSRT100877
http://www.mandriva.com/security/advisories?name=MDVSA-2012:003
RedHat Security Advisories: RHSA-2012:0128
http://rhn.redhat.com/errata/RHSA-2012-0128.html
BugTraq ID: 50494
http://www.securityfocus.com/bid/50494
http://www.osvdb.org/76744
http://securitytracker.com/id?1026267
http://secunia.com/advisories/45793
XForce ISS Database: apache-http-appregsub-bo(71093)
http://xforce.iss.net/xforce/xfdb/71093
Common Vulnerability Exposure (CVE) ID: CVE-2011-4317
https://community.qualys.com/blogs/securitylabs/2011/11/23/apache-reverse-proxy-bypass-issue
http://www.securitytracker.com/id?1026353
Common Vulnerability Exposure (CVE) ID: CVE-2012-0021
Common Vulnerability Exposure (CVE) ID: CVE-2012-0031
http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/
SuSE Security Announcement: openSUSE-SU-2012:0314 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00026.html
BugTraq ID: 51407
http://www.securityfocus.com/bid/51407
http://secunia.com/advisories/47410
Common Vulnerability Exposure (CVE) ID: CVE-2012-0053
HPdes Security Advisory: HPSBST02848
http://marc.info/?l=bugtraq&m=136441204617335&w=2
HPdes Security Advisory: SSRT101112
BugTraq ID: 51706
http://www.securityfocus.com/bid/51706
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 38680 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.