Security News > 2021 > December > Critical Apache HTTPD Server Bugs Could Lead to RCE, DoS
Don't duck at the latest mention of Apache: Two critical bugs in its HTTP web server - HTTPD - need to be patched pronto, lest they lead to attackers triggering denial of service or bypassing your security policies.
Both vulnerabilities are found in Apache HTTP Server 2.4.51 and earlier.
CVE-2021-44790: Possible buffer overflow when parsing a carefully crafted request in the mod lua multipart parser of Apache HTTP Server 2.4.51 and earlier.
CVE-2021-44224: Possible NULL dereference or Server Side Request Forgery in forward proxy configurations, likewise in Apache HTTP Server 2.4.51 and earlier.
These bugs shouldn't get lost amidst the Log4J brouhaha, Ducklin said, given that "You almost certainly have Apache HTTPD in your network somewhere. Just like Log4j, HTTPD has a habit of getting itself quietly included into software projects, for example as part of an internal service that works so well that it rarely draws attention to itself, or as a component built unobtrusively into a product or service you sell that isn't predominantly thought of as 'containing a web server.'".
"Our cyber-debt specific to Apache software was substantial prior to Log4Shell or these new HTTPD web server vulns."
News URL
https://threatpost.com/apache-httpd-server-bugs-rce-dos/177234/
Related news
- Critical Langflow RCE flaw exploited to hack AI app servers (source)
- Apache Parquet exploit tool detect servers vulnerable to critical flaw (source)
- Max severity RCE flaw discovered in widely used Apache Parquet (source)
- Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code (source)
- CentreStack RCE exploited as zero-day to breach file sharing servers (source)
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- Critical flaws fixed in Nagios Log Server (source)
- Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
- Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
- Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-20 | CVE-2021-44790 | Out-of-bounds Write vulnerability in multiple products A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). | 9.8 |
| 2021-12-20 | CVE-2021-44224 | NULL Pointer Dereference vulnerability in multiple products A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). | 8.2 |