CVE-2007-6420 - Cross-Site Request Forgery (CSRF) vulnerability in Apache Http Server

Publication

2008-01-12

Last modification

2018-10-30

Summary

Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.

Description

The Apache 'mod_proxy_balancer' module is prone to multiple vulnerabilities, including denial-of-service, memory-corruption, cross-site scripting, HTML-injection, and cross-site request-forgery issues; this entry covers the cross-site request-forgery issue in the module's balancer-manager interface. Attackers can exploit the script-injection issues to inject arbitrary script code into vulnerable sections of the application, execute it in the browser of a user in the context of the affected site, and perform actions using the user's active session. The cross-site request-forgery issue lets a page under the attacker's control make the browser of an authenticated balancer-manager user submit configuration changes to the balancer (for example, disabling or re-weighting backend workers) with that user's session and without the user's knowledge. Attackers can exploit the denial-of-service issue to deny further service to legitimate users. Exploiting the memory-corruption vulnerability is likely to cause a crash and could allow arbitrary code to run, but this has not been confirmed. The issues affect Apache 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2 and 2.2.0; other versions may also be vulnerable.

Solution

The vendor released Apache 2.2.7-dev to address these issues; please see the references for more information. NOTE: Apache 2.2.7-dev is a development version. Apache 2.2.9 is available and addresses the cross-site request-forgery issue (the 2.2.9 fix requires balancer-manager requests to carry a nonce, so a request forged from a third-party page no longer matches). Independently of the version, the balancer-manager handler should be reachable only by administrators from trusted networks: as the vendor comments below note, it is not enabled by default and the CSRF target must be an authenticated user.

Vendor-supplied updates:

Apache Software Foundation (Apache 2.2, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.5-dev, 2.2.6, 2.2.6-dev)
  • httpd-2.2.9.tar.gz: http://apache.sunsite.ualberta.ca/httpd/httpd-2.2.9.tar.gz
  • httpd-2.2.9-win32-src.zip: http://apache.sunsite.ualberta.ca/httpd/httpd-2.2.9-win32-src.zip

Ubuntu Linux 6.06 LTS (i386, amd64, powerpc, sparc), package version 2.0.55-4ubuntu2.4, all from http://security.ubuntu.com/ubuntu/pool/main/a/apache2/
  • per architecture (e.g. apache2_2.0.55-4ubuntu2.4_i386.deb): apache2-common, apache2-mpm-perchild, apache2-mpm-prefork, apache2-mpm-worker, apache2-prefork-dev, apache2-threaded-dev, apache2-utils, apache2, libapr0-dev, libapr0
  • architecture-independent: apache2-doc_2.0.55-4ubuntu2.4_all.deb

Ubuntu Linux 7.10 (i386, amd64, lpia, powerpc, sparc), package version 2.2.4-3ubuntu0.2
  • per architecture (e.g. apache2.2-common_2.2.4-3ubuntu0.2_i386.deb): apache2-mpm-event, apache2-mpm-prefork, apache2-mpm-worker, apache2-prefork-dev, apache2-threaded-dev, apache2-utils, apache2.2-common
  • architecture-independent: apache2-doc_2.2.4-3ubuntu0.2_all.deb, apache2-mpm-perchild_2.2.4-3ubuntu0.2_all.deb, apache2-src_2.2.4-3ubuntu0.2_all.deb, apache2_2.2.4-3ubuntu0.2_all.deb
  • download location: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/ for the i386, amd64, powerpc and sparc packages and for all _all packages; http://ports.ubuntu.com/pool/main/a/apache2/ for the lpia architecture-specific packages

Ubuntu Linux 8.04 LTS (i386, amd64, lpia, powerpc, sparc), package version 2.2.8-1ubuntu0.4
  • per architecture (e.g. apache2.2-common_2.2.8-1ubuntu0.4_amd64.deb): apache2-mpm-event, apache2-mpm-prefork, apache2-mpm-worker, apache2-prefork-dev, apache2-threaded-dev, apache2-utils, apache2.2-common
  • architecture-independent: apache2-doc_2.2.8-1ubuntu0.4_all.deb, apache2-mpm-perchild_2.2.8-1ubuntu0.4_all.deb, apache2-src_2.2.8-1ubuntu0.4_all.deb, apache2_2.2.8-1ubuntu0.4_all.deb
  • download location: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/ for the i386 and amd64 packages and for all _all packages; http://ports.ubuntu.com/pool/main/a/apache2/ for the lpia, powerpc and sparc architecture-specific packages

HP HP-UX (all depots from http://software.hp.com)
  • B.11.11: HPUXWSATW-B222-1111.depot (PA-32), HPUXWSATW-B302-64.depot
  • B.11.23: HPUXWSATW-B222-1123-32.depot (PA-32), HPUXWSATW-B222-1123-64.depot (IA-64), HPUXWSATW-B302-32.depot (IA-64)
  • B.11.31: HPUXWSATW-B222-1131-32.depot (IA-32), HPUXWSATW-B222-1131-64.depot (IA-64), HPUXWSATW-B302-32.depot (IA-64)

Apple
  • Mac OS X 10.5.2: SecUpd2008-002.dmg, http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=18157&cat=57&platform=osx&method=sa/SecUpd2008-002.dmg
  • Mac OS X Server 10.5.2: SecUpdSrvr2008-002.dmg, http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=18157&cat=57&platform=osx&method=sa/SecUpdSrvr2008-002.dmg
  • Mac OS X Server 10.5.5: SecUpdSrvr2008-007.dmg, http://www.apple.com/support/downloads/securityupdate2008007serverleopard.html
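Two triage checks a practitioner would run against the Description and Solution above, written here as an added Python example that is not part of this advisory or of the Apache project: a version test against the 2.2.9 fix threshold, and a pass over access-log lines that flags state-changing requests to the balancer-manager path whose Referer is absent or names another host, which is the shape a request forged from a third-party page takes. The log lines, hostnames and query-parameter names in SAMPLE_LOG are constructed for the example; the combined log format and the /balancer-manager path are assumptions (the handler can be mapped to any location in the server configuration).

```python
"""Triage helpers for CVE-2007-6420 (Apache 2.2 balancer-manager CSRF).

Added example: version check against the 2.2.9 fix and a detection pass over
access-log lines. Log lines, hosts and parameter names below are constructed.
"""
import re
from urllib.parse import urlsplit

# Affected: Apache HTTP Server 2.2.x before 2.2.9 (the release that fixed this CVE).
FIXED_VERSION = (2, 2, 9)

_SERVER_RE = re.compile(r"Apache/(\d+)\.(\d+)\.(\d+)")

# Assumed combined log format: %h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-agent}i"
_LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def parse_apache_version(server_header):
    """Return (major, minor, patch) from e.g. 'Apache/2.2.6 (Ubuntu)', or None if not Apache."""
    m = _SERVER_RE.search(server_header or "")
    return tuple(int(x) for x in m.groups()) if m else None


def is_affected(server_header):
    """True for 2.2.0 <= version < 2.2.9, False for other Apache versions, None if unknown.

    Distributions backport fixes without bumping the version (Ubuntu ships fixed
    2.2.4 and 2.2.8 packages), so True is a lead to confirm, not a verdict.
    """
    v = parse_apache_version(server_header)
    if v is None:
        return None
    return v[:2] == (2, 2) and v < FIXED_VERSION


def flag_csrf_candidates(log_lines, site_host, manager_path="/balancer-manager"):
    """Return entries that look like forged balancer-manager changes.

    A candidate is a request to manager_path that carries a query string or uses
    POST (it changes state rather than just viewing the page) and whose Referer
    is missing or names a host other than site_host. Plain page views are
    ignored. A missing Referer is only a weak signal (see the usage note).
    """
    hits = []
    for line in log_lines:
        m = _LOG_RE.match(line)
        if not m:
            continue  # not combined format; skip rather than guess
        target = urlsplit(m.group("target"))
        if target.path != manager_path:
            continue
        state_changing = bool(target.query) or m.group("method") == "POST"
        if not state_changing:
            continue
        referer = m.group("referer")
        referer_host = urlsplit(referer).hostname if referer not in ("", "-") else None
        if referer_host == site_host:
            continue  # submitted from the manager page itself
        hits.append({
            "ip": m.group("ip"),
            "user": m.group("user"),
            "method": m.group("method"),
            "target": m.group("target"),
            "referer_host": referer_host,
        })
    return hits


# Constructed sample: an admin views the page, submits a change from it, then the
# same session submits a change while the Referer points at a foreign page, and
# finally one with no Referer at all. Parameter names are illustrative only.
SAMPLE_LOG = [
    '10.0.0.5 - admin [12/Jan/2008:10:00:01 +0000] "GET /balancer-manager HTTP/1.1" '
    '200 4312 "-" "Mozilla/5.0"',
    '10.0.0.5 - admin [12/Jan/2008:10:00:20 +0000] '
    '"GET /balancer-manager?b=cluster1&w=http://10.0.1.2:8080&dw=Disable HTTP/1.1" '
    '200 4312 "http://www.example.com/balancer-manager" "Mozilla/5.0"',
    '10.0.0.5 - admin [12/Jan/2008:10:05:00 +0000] '
    '"GET /balancer-manager?b=cluster1&w=http://10.0.1.2:8080&dw=Disable HTTP/1.1" '
    '200 4312 "http://evil.example.net/page.html" "Mozilla/5.0"',
    '10.0.0.5 - admin [12/Jan/2008:10:05:03 +0000] "POST /balancer-manager HTTP/1.1" '
    '200 4312 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [12/Jan/2008:10:06:00 +0000] "GET /index.html?x=1 HTTP/1.1" '
    '200 1024 "-" "curl/7.18.0"',
]

if __name__ == "__main__":
    for hdr in ("Apache/2.2.6 (Ubuntu)", "Apache/2.2.9 (Unix)", "Apache/2.0.55 (Ubuntu)"):
        print(hdr, "->", is_affected(hdr))
    for hit in flag_csrf_candidates(SAMPLE_LOG, site_host="www.example.com"):
        print("candidate:", hit)
```

Treat a Referer mismatch as a lead rather than proof: browsers, proxies and privacy extensions strip the header, and an administrator typing the URL by hand also produces a missing Referer. The version test is likewise only a lead, because the distribution packages listed above fix the flaw without changing the advertised version; confirm against the installed package rather than the Server header.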

Exploit

The researcher who found these issues has developed working exploit code, but it is not publicly available.

Classification

CWE-352 - Cross-Site Request Forgery (CSRF)

Risk level (CVSS AV:N/AC:M/Au:N/C:N/I:P/A:N)

Medium

4.3

Access Vector

  • Network

Access Complexity

  • Medium

Authentication

  • None

Confidentiality Impact

  • None

Integrity Impact

  • Partial

Availability Impact

  • None

Vendor comments

  • Mark J Cox - Apache (2008-07-02)
    Fixed in Apache HTTP Server 2.2.9. http://httpd.apache.org/security/vulnerabilities_22.html
  • Vincent Danen - Mandriva (2008-03-12)
    Mandriva ships mod_proxy_balancer but will not be issuing updates to correct this flaw as the security risk is quite low due to the fact that it is not enabled by default, the at-risk user would have to be authenticated, and successful exploitation would be limited to a denial of service on the web server.
  • Mark J Cox - Red Hat (2008-01-24)
    mod_proxy_balancer is shipped in Red Hat Enterprise Linux 5 and Red Hat Application Stack v2. We do not plan on correcting this issue as it poses a very low security risk: The balancer manager is not enabled by default, the user targeted by the CSRF would need to be authenticated, and the consequences of an exploit would be limited to a web server denial of service.

OVAL definition

{
    "accepted": "2014-07-14T04:01:29.009-04:00",
    "class": "vulnerability",
    "contributors": [
        {
            "name": "J. Daniel Brown",
            "organization": "DTCC"
        },
        {
            "name": "Mike Lah",
            "organization": "The MITRE Corporation"
        },
        {
            "name": "Shane Shaffer",
            "organization": "G2, Inc."
        },
        {
            "name": "Maria Mikhno",
            "organization": "ALTX-SOFT"
        }
    ],
    "definition_extensions": [
        {
            "comment": "Apache HTTP Server 2.2.x is installed on the system",
            "oval": "oval:org.mitre.oval:def:8550"
        }
    ],
    "description": "Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.",
    "family": "windows",
    "id": "oval:org.mitre.oval:def:8371",
    "status": "accepted",
    "submitted": "2010-03-08T17:30:00.000-05:00",
    "title": "Apache 'mod_proxy_balancer' Cross-Site Request Forgery (CSRF) Vulnerability",
    "version": "11"
}

Affected Products

Vendor   Product       Versions
Apache   Http Server   2.2.0, 2.2.2, 2.2.3, 2.2.4, 2.2.6