Vulnerabilities > CVE-2014-0226 - Race Condition vulnerability in multiple products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Leveraging Race Conditions This attack targets a race condition occurring when multiple processes access and manipulate the same resource concurrently and the outcome of the execution depends on the particular order in which the access takes place. The attacker can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance a race condition can occur while accessing a file, the attacker can trick the system by replacing the original file with his version and cause the system to read the malicious file.
- Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. The typical example is the file access. The attacker can leverage a file access race condition by "running the race", meaning that he would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the attacker could do something such as replace the file and cause an escalation of privilege.
Exploit-Db
| description | Apache 2.4.7 mod_status Scoreboard Handling Race Condition. CVE-2014-0226. Dos exploit for linux platform |
| file | exploits/linux/dos/34133.txt |
| id | EDB-ID:34133 |
| last seen | 2016-02-03 |
| modified | 2014-07-21 |
| platform | linux |
| port | |
| published | 2014-07-21 |
| reporter | Marek Kroemeke |
| source | https://www.exploit-db.com/download/34133/ |
| title | Apache 2.4.7 mod_status Scoreboard Handling Race Condition |
| type | dos |
Nessus
NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2014-388.NASL description A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the last seen 2020-06-01 modified 2020-06-02 plugin id 78331 published 2014-10-12 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/78331 title Amazon Linux AMI : httpd (ALAS-2014-388) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Amazon Linux AMI Security Advisory ALAS-2014-388. # include("compat.inc"); if (description) { script_id(78331); script_version("1.6"); script_cvs_date("Date: 2018/04/18 15:09:35"); script_cve_id("CVE-2014-0118", "CVE-2014-0226", "CVE-2014-0231"); script_xref(name:"ALAS", value:"2014-388"); script_xref(name:"RHSA", value:"2014:0920"); script_name(english:"Amazon Linux AMI : httpd (ALAS-2014-388)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Amazon Linux AMI host is missing a security update." ); script_set_attribute( attribute:"description", value: "A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the 'apache' user. (CVE-2014-0226) A denial of service flaw was found in the way httpd's mod_deflate module handled request body decompression (configured via the 'DEFLATE' input filter). A remote attacker able to send a request whose body would be decompressed could use this flaw to consume an excessive amount of system memory and CPU on the target system. (CVE-2014-0118) A denial of service flaw was found in the way httpd's mod_cgid module executed CGI scripts that did not read data from the standard input. A remote attacker could submit a specially crafted request that would cause the httpd child process to hang indefinitely. (CVE-2014-0231)" ); script_set_attribute( attribute:"see_also", value:"https://alas.aws.amazon.com/ALAS-2014-388.html" ); script_set_attribute( attribute:"solution", value:"Run 'yum update httpd' to update your system." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:httpd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:httpd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:httpd-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:httpd-manual"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:httpd-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mod_ssl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2014/07/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/10/12"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc."); script_family(english:"Amazon Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/AmazonLinux/release"); if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux"); os_ver = pregmatch(pattern: "^AL(A|\d)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux"); os_ver = os_ver[1]; if (os_ver != "A") { if (os_ver == 'A') os_ver = 'AMI'; audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver); } if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (rpm_check(release:"ALA", reference:"httpd-2.2.27-1.3.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"httpd-debuginfo-2.2.27-1.3.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"httpd-devel-2.2.27-1.3.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"httpd-manual-2.2.27-1.3.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"httpd-tools-2.2.27-1.3.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"mod_ssl-2.2.27-1.3.amzn1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "httpd / httpd-debuginfo / httpd-devel / httpd-manual / httpd-tools / etc"); }NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-1087.NASL description Red Hat JBoss Web Server 2.1.0, which fixes multiple security issues and several bugs, is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. This release serves as a replacement for Red Hat JBoss Web Server 2.0.1, and includes several bug fixes. Refer to the Red Hat JBoss Web Server 2.1.0 Release Notes, linked to in the References section, for information on the most significant of these changes. The following security issues are also fixed with this release : A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the last seen 2020-06-01 modified 2020-06-02 plugin id 77356 published 2014-08-23 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77356 title RHEL 6 : JBoss Web Server (RHSA-2014:1087) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2014:1087. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(77356); script_version("1.22"); script_cvs_date("Date: 2019/10/24 15:35:38"); script_cve_id("CVE-2013-4590", "CVE-2014-0118", "CVE-2014-0119", "CVE-2014-0226", "CVE-2014-0227", "CVE-2014-0231"); script_xref(name:"RHSA", value:"2014:1087"); script_name(english:"RHEL 6 : JBoss Web Server (RHSA-2014:1087)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Red Hat JBoss Web Server 2.1.0, which fixes multiple security issues and several bugs, is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. This release serves as a replacement for Red Hat JBoss Web Server 2.0.1, and includes several bug fixes. Refer to the Red Hat JBoss Web Server 2.1.0 Release Notes, linked to in the References section, for information on the most significant of these changes. The following security issues are also fixed with this release : A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the 'apache' user. (CVE-2014-0226) A denial of service flaw was found in the way httpd's mod_deflate module handled request body decompression (configured via the 'DEFLATE' input filter). A remote attacker able to send a request whose body would be decompressed could use this flaw to consume an excessive amount of system memory and CPU on the target system. (CVE-2014-0118) A denial of service flaw was found in the way httpd's mod_cgid module executed CGI scripts that did not read data from the standard input. A remote attacker could submit a specially crafted request that would cause the httpd child process to hang indefinitely. (CVE-2014-0231) It was found that several application-provided XML files, such as web.xml, content.xml, *.tld, *.tagx, and *.jspx, resolved external entities, permitting XML External Entity (XXE) attacks. An attacker able to deploy malicious applications to Tomcat could use this flaw to circumvent security restrictions set by the JSM, and gain access to sensitive information on the system. Note that this flaw only affected deployments in which Tomcat is running applications from untrusted sources, such as in a shared hosting environment. (CVE-2013-4590) It was found that, in certain circumstances, it was possible for a malicious web application to replace the XML parsers used by Tomcat to process XSLTs for the default servlet, JSP documents, tag library descriptors (TLDs), and tag plug-in configuration files. The injected XML parser(s) could then bypass the limits imposed on XML external entities and/or gain access to the XML files processed for other web applications deployed on the same Tomcat instance. (CVE-2014-0119) All users of Red Hat JBoss Web Server 2.0.1 on Red Hat Enterprise Linux 6 are advised to upgrade to Red Hat JBoss Web Server 2.1.0. The JBoss server process must be restarted for this update to take effect." ); # https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Web_Server/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?765407e2" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2014:1087" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2013-4590" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-0118" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-0119" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-0226" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-0227" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-0231" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:antlr-eap6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-eap6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-tomcat-eap6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-eap6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-jsvc-eap6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-jsvc-eap6-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-commons-logging-eap6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-commons-logging-tomcat-eap6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-commons-pool-eap6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-commons-pool-tomcat-eap6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:dom4j-eap6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hibernate4-c3p0-eap6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hibernate4-core-eap6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hibernate4-eap6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hibernate4-entitymanager-eap6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hibernate4-envers-eap6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hibernate4-infinispan-eap6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd-manual"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:httpd-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:javassist-eap6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-logging"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-transaction-api_1.1_spec"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_cluster"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_cluster-native"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_cluster-native-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_cluster-tomcat6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_cluster-tomcat7"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_jk-ap22"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_jk-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_jk-manual"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_rt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_rt-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_snmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_snmp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_ssl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:storeconfig-tc6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:storeconfig-tc7"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat-native"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat-native-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6-el-2.1-api"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6-lib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6-log4j"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7-admin-webapps"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7-docs-webapp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7-el-2.2-api"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7-javadoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7-lib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/02/26"); script_set_attribute(attribute:"patch_publication_date", value:"2014/08/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/08/23"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2014:1087"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (! (rpm_exists(release:"RHEL6", rpm:"jws-2"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "JBoss Web Server"); if (rpm_check(release:"RHEL6", reference:"antlr-eap6-2.7.7-17.redhat_4.1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"apache-commons-collections-eap6-3.2.1-15.redhat_3.1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"apache-commons-collections-tomcat-eap6-3.2.1-15.redhat_3.1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"apache-commons-daemon-eap6-1.0.15-5.redhat_1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"apache-commons-daemon-jsvc-eap6-1.0.15-6.redhat_2.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"apache-commons-daemon-jsvc-eap6-1.0.15-6.redhat_2.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"apache-commons-daemon-jsvc-eap6-debuginfo-1.0.15-6.redhat_2.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"apache-commons-daemon-jsvc-eap6-debuginfo-1.0.15-6.redhat_2.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"apache-commons-logging-eap6-1.1.1-7.9_redhat_1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"apache-commons-logging-tomcat-eap6-1.1.1-7.9_redhat_1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"apache-commons-pool-eap6-1.6-7.redhat_6.1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"apache-commons-pool-tomcat-eap6-1.6-7.redhat_6.1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"dom4j-eap6-1.6.1-20.redhat_6.1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"hibernate4-c3p0-eap6-4.2.14-3.SP1_redhat_1.1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"hibernate4-core-eap6-4.2.14-3.SP1_redhat_1.1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"hibernate4-eap6-4.2.14-3.SP1_redhat_1.1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"hibernate4-entitymanager-eap6-4.2.14-3.SP1_redhat_1.1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"hibernate4-envers-eap6-4.2.14-3.SP1_redhat_1.1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"hibernate4-infinispan-eap6-4.2.14-3.SP1_redhat_1.1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"httpd-2.2.26-35.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"httpd-2.2.26-35.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"httpd-debuginfo-2.2.26-35.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"httpd-debuginfo-2.2.26-35.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"httpd-devel-2.2.26-35.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"httpd-devel-2.2.26-35.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"httpd-manual-2.2.26-35.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"httpd-manual-2.2.26-35.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"httpd-tools-2.2.26-35.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"httpd-tools-2.2.26-35.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"javassist-eap6-3.18.1-1.GA_redhat_1.1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"jboss-logging-3.1.4-1.GA_redhat_1.1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"jboss-transaction-api_1.1_spec-1.0.1-12.Final_redhat_2.2.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"mod_cluster-1.2.9-1.Final_redhat_1.1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"mod_cluster-native-1.2.9-3.Final_redhat_2.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"mod_cluster-native-1.2.9-3.Final_redhat_2.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"mod_cluster-native-debuginfo-1.2.9-3.Final_redhat_2.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"mod_cluster-native-debuginfo-1.2.9-3.Final_redhat_2.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"mod_cluster-tomcat6-1.2.9-1.Final_redhat_1.1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"mod_cluster-tomcat7-1.2.9-1.Final_redhat_1.1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"mod_jk-ap22-1.2.40-2.redhat_1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"mod_jk-ap22-1.2.40-2.redhat_1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"mod_jk-debuginfo-1.2.40-2.redhat_1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"mod_jk-debuginfo-1.2.40-2.redhat_1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"mod_jk-manual-1.2.40-2.redhat_1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"mod_jk-manual-1.2.40-2.redhat_1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"mod_rt-2.4.1-6.GA.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"mod_rt-2.4.1-6.GA.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"mod_rt-debuginfo-2.4.1-6.GA.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"mod_rt-debuginfo-2.4.1-6.GA.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"mod_snmp-2.4.1-13.GA.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"mod_snmp-2.4.1-13.GA.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"mod_snmp-debuginfo-2.4.1-13.GA.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"mod_snmp-debuginfo-2.4.1-13.GA.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"mod_ssl-2.2.26-35.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"mod_ssl-2.2.26-35.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"storeconfig-tc6-0.0.1-7.Alpha3_redhat_12.3.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"storeconfig-tc7-0.0.1-7.Alpha3_redhat_12.5.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"tomcat-native-1.1.30-2.redhat_1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"tomcat-native-1.1.30-2.redhat_1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"i386", reference:"tomcat-native-debuginfo-1.1.30-2.redhat_1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"tomcat-native-debuginfo-1.1.30-2.redhat_1.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat6-6.0.41-5_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat6-admin-webapps-6.0.41-5_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat6-docs-webapp-6.0.41-5_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat6-el-2.1-api-6.0.41-5_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat6-javadoc-6.0.41-5_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat6-jsp-2.1-api-6.0.41-5_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat6-lib-6.0.41-5_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat6-log4j-6.0.41-5_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat6-servlet-2.5-api-6.0.41-5_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat6-webapps-6.0.41-5_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat7-7.0.54-6_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat7-admin-webapps-7.0.54-6_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat7-docs-webapp-7.0.54-6_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat7-el-2.2-api-7.0.54-6_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat7-javadoc-7.0.54-6_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat7-jsp-2.2-api-7.0.54-6_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat7-lib-7.0.54-6_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat7-log4j-7.0.54-6_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat7-servlet-3.0-api-7.0.54-6_patch_02.ep6.el6")) flag++; if (rpm_check(release:"RHEL6", reference:"tomcat7-webapps-7.0.54-6_patch_02.ep6.el6")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "antlr-eap6 / apache-commons-collections-eap6 / etc"); } }NASL family SuSE Local Security Checks NASL id OPENSUSE-2014-503.NASL description This apache2 update fixes the following security issues : - fix for crash in mod_proxy processing specially crafted requests with reverse proxy configurations that results in a crash and a DoS condition for the server. CVE-2014-0117 - new config option CGIDScriptTimeout set to 60s in new file conf.d/cgid-timeout.conf, preventing worker processes hanging forever if a cgi launched from them has stopped reading input from the server (DoS). CVE-2014-0231 - Fix for a NULL pointer dereference in mod_cache that causes a crash in caching forwarding configurations, resulting in a DoS condition. CVE-2013-4352 - fix for crash in parsing cookie content, resulting in a DoS against the server CVE-2014-0098 - fix for mod_status race condition in scoreboard handling and consecutive heap overflow and information disclosure if access to mod_status is granted to a potential attacker. CVE-2014-0226 - fix for improper handling of whitespace characters from CDATA sections to mod_dav, leading to a crash and a DoS condition of the apache server process CVE-2013-6438 last seen 2020-06-05 modified 2014-08-21 plugin id 77292 published 2014-08-21 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77292 title openSUSE Security Update : apache2 (openSUSE-SU-2014:1044-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2014-503. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(77292); script_version("1.8"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2013-4352", "CVE-2013-6438", "CVE-2014-0098", "CVE-2014-0117", "CVE-2014-0226", "CVE-2014-0231"); script_name(english:"openSUSE Security Update : apache2 (openSUSE-SU-2014:1044-1)"); script_summary(english:"Check for the openSUSE-2014-503 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This apache2 update fixes the following security issues : - fix for crash in mod_proxy processing specially crafted requests with reverse proxy configurations that results in a crash and a DoS condition for the server. CVE-2014-0117 - new config option CGIDScriptTimeout set to 60s in new file conf.d/cgid-timeout.conf, preventing worker processes hanging forever if a cgi launched from them has stopped reading input from the server (DoS). CVE-2014-0231 - Fix for a NULL pointer dereference in mod_cache that causes a crash in caching forwarding configurations, resulting in a DoS condition. CVE-2013-4352 - fix for crash in parsing cookie content, resulting in a DoS against the server CVE-2014-0098 - fix for mod_status race condition in scoreboard handling and consecutive heap overflow and information disclosure if access to mod_status is granted to a potential attacker. CVE-2014-0226 - fix for improper handling of whitespace characters from CDATA sections to mod_dav, leading to a crash and a DoS condition of the apache server process CVE-2013-6438" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=869105" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=869106" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=887765" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=887767" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=887768" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=887771" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2014-08/msg00031.html" ); script_set_attribute( attribute:"solution", value:"Update the affected apache2 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-event"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-event-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-example-pages"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-prefork"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-prefork-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-utils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-utils-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-worker"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-worker-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1"); script_set_attribute(attribute:"patch_publication_date", value:"2014/08/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/08/21"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE13\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE13.1", reference:"apache2-2.4.6-6.27.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"apache2-debuginfo-2.4.6-6.27.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"apache2-debugsource-2.4.6-6.27.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"apache2-devel-2.4.6-6.27.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"apache2-event-2.4.6-6.27.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"apache2-event-debuginfo-2.4.6-6.27.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"apache2-example-pages-2.4.6-6.27.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"apache2-prefork-2.4.6-6.27.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"apache2-prefork-debuginfo-2.4.6-6.27.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"apache2-utils-2.4.6-6.27.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"apache2-utils-debuginfo-2.4.6-6.27.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"apache2-worker-2.4.6-6.27.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"apache2-worker-debuginfo-2.4.6-6.27.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache2 / apache2-debuginfo / apache2-debugsource / apache2-devel / etc"); }NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201504-03.NASL description The remote host is affected by the vulnerability described in GLSA-201504-03 (Apache: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Apache HTTP Server. Please review the CVE identifiers referenced below for details. Impact : A remote attacker may be able to execute arbitrary code or cause a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 82733 published 2015-04-13 reporter This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/82733 title GLSA-201504-03 : Apache: Multiple vulnerabilities code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201504-03. # # The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(82733); script_version("1.8"); script_cvs_date("Date: 2018/12/05 20:31:22"); script_cve_id("CVE-2013-5704", "CVE-2014-0118", "CVE-2014-0226", "CVE-2014-0231"); script_bugtraq_id(68678, 68742, 68745, 73135); script_xref(name:"GLSA", value:"201504-03"); script_name(english:"GLSA-201504-03 : Apache: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201504-03 (Apache: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Apache HTTP Server. Please review the CVE identifiers referenced below for details. Impact : A remote attacker may be able to execute arbitrary code or cause a Denial of Service condition. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201504-03" ); script_set_attribute( attribute:"solution", value: "All Apache users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-servers/apache-2.2.29'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:apache"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2015/04/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/04/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"www-servers/apache", unaffected:make_list("ge 2.2.29"), vulnerable:make_list("lt 2.2.29"))) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get()); else security_warning(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Apache"); }NASL family Misc. NASL id JUNIPER_NSM_JSA10685_CRED.NASL description The remote host is running a version of NSM (Network and Security Manager) Server that is prior to 2012.2R9. It is, therefore, affected by multiple vulnerabilities in the bundled version of Apache HTTP Server : - A flaw exists due to improper escaping of filenames in 406 and 300 HTTP responses. A remote attacker can exploit this, by uploading a file with a specially crafted name, to inject arbitrary HTTP headers or conduct cross-site scripting attacks. (CVE-2008-0456) - Multiple cross-site scripting vulnerabilities exist in the mod_negotiation module due to improper sanitization of input passed via filenames. An attacker can exploit this to execute arbitrary script code in a user last seen 2020-06-01 modified 2020-06-02 plugin id 84878 published 2015-07-20 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/84878 title Juniper NSM < 2012.2R9 Apache HTTP Server Multiple Vulnerabilities (JSA10685) (credentialed check) NASL family SuSE Local Security Checks NASL id SUSE_11_APACHE2-140721.NASL description This update for the Apache Web Server provides the following fixes : - Fixed a heap-based buffer overflow on apache module mod_status. (bnc#887765, CVE-2014-0226) - Properly remove whitespace characters from CDATA sections to avoid remote denial of service by crashing the Apache Server process. (bnc#869105, CVE-2013-6438) - Correction to parsing of cookie content; this can lead to a crash with a specially designed cookie sent to the server. (bnc#869106, CVE-2014-0098) - ECC support should not be missing. (bnc#859916) This update also introduces a new configuration parameter CGIDScriptTimeout, which defaults to the value of parameter Timeout. CGIDScriptTimeout is set to 60s if mod_cgid is loaded/active, via /etc/apache2/conf.d/cgid-timeout.conf. The new directive and its effect prevent request workers to be eaten until starvation if cgi programs do not send output back to the server within the timeout set by CGIDScriptTimeout. (bnc#887768, CVE-2014-0231) last seen 2020-06-05 modified 2014-08-07 plugin id 77048 published 2014-08-07 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/77048 title SuSE 11.3 Security Update : Apache Web Server (SAT Patch Number 9542) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2989.NASL description Several security issues were found in the Apache HTTP server. - CVE-2014-0118 The DEFLATE input filter (inflates request bodies) in mod_deflate allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size. - CVE-2014-0226 A race condition was found in mod_status. An attacker able to access a public server status page on a server could send carefully crafted requests which could lead to a heap buffer overflow, causing denial of service, disclosure of sensitive information, or potentially the execution of arbitrary code. - CVE-2014-0231 A flaw was found in mod_cgid. If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service. last seen 2020-03-17 modified 2014-07-26 plugin id 76844 published 2014-07-26 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76844 title Debian DSA-2989-1 : apache2 - security update NASL family Misc. NASL id JUNIPER_NSM_JSA10685.NASL description The remote host is running a version of NSM (Network and Security Manager) Server that is prior to 2012.2R9. It is, therefore, affected by multiple vulnerabilities in the bundled version of Apache HTTP Server : - A flaw exists due to improper escaping of filenames in 406 and 300 HTTP responses. A remote attacker can exploit this, by uploading a file with a specially crafted name, to inject arbitrary HTTP headers or conduct cross-site scripting attacks. (CVE-2008-0456) - Multiple cross-site scripting vulnerabilities exist in the mod_negotiation module due to improper sanitization of input passed via filenames. An attacker can exploit this to execute arbitrary script code in a user last seen 2020-06-01 modified 2020-06-02 plugin id 84877 published 2015-07-20 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/84877 title Juniper NSM < 2012.2R9 Apache HTTP Server Multiple Vulnerabilities (JSA10685) NASL family Web Servers NASL id WEBSPHERE_8_5_5_4.NASL description The IBM WebSphere Application Server running on the remote host is version 8.5 prior to Fix Pack 8.5.5.4. It is, therefore, affected by the following vulnerabilities : - Multiple errors exist related to the included IBM HTTP server that can allow remote code execution or denial of service. (CVE-2013-5704, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231 / PI22070) - An unspecified error exists related to HTTP headers that can allow information disclosure. (CVE-2014-3021 / PI08268) - An error exists related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A man-in-the-middle attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This is also known as the last seen 2020-06-01 modified 2020-06-02 plugin id 80398 published 2015-01-07 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/80398 title IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.4 Multiple Vulnerabilities (POODLE) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2014-0920.NASL description From Red Hat Security Advisory 2014:0920 : Updated httpd packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the last seen 2020-06-01 modified 2020-06-02 plugin id 76744 published 2014-07-24 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76744 title Oracle Linux 5 / 6 : httpd (ELSA-2014-0920) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2014-0921.NASL description From Red Hat Security Advisory 2014:0921 : Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the last seen 2020-06-01 modified 2020-06-02 plugin id 76745 published 2014-07-24 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76745 title Oracle Linux 7 : httpd (ELSA-2014-0921) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2015-093.NASL description Updated apache packages fix security vulnerabilities : Apache HTTPD before 2.4.9 was vulnerable to a denial of service in mod_dav when handling DAV_WRITE requests (CVE-2013-6438). Apache HTTPD before 2.4.9 was vulnerable to a denial of service when logging cookies (CVE-2014-0098). A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the apache user (CVE-2014-0226). A denial of service flaw was found in the mod_proxy httpd module. A remote attacker could send a specially crafted request to a server configured as a reverse proxy using a threaded Multi-Processing Modules (MPM) that would cause the httpd child process to crash (CVE-2014-0117). A denial of service flaw was found in the way httpd last seen 2020-06-01 modified 2020-06-02 plugin id 82346 published 2015-03-30 reporter This script is Copyright (C) 2015-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/82346 title Mandriva Linux Security Advisory : apache (MDVSA-2015:093) NASL family Web Servers NASL id ORACLE_HTTP_SERVER_CPU_JAN_2015.NASL description The version of Oracle HTTP Server installed on the remote host is affected by multiple vulnerabilities in the Web Listener subcomponent : - An integer overflow condition exists in libxml2 within file xpath.c, related to XPath expressions when adding a new namespace note. An unauthenticated, remote attacker can exploit this, via a crafted XML file, to cause a denial of service condition or the execution of arbitary code. (CVE-2011-1944) - An integer overflow condition exists in the HTTP server, specifically in the ap_pregsub() function within file server/util.c, when the mod_setenvif module is enabled. A local attacker can exploit this to gain elevated privileges by using an .htaccess file with a crafted combination of SetEnvIf directives and HTTP request headers. (CVE-2011-3607) - A flaw exists in libxml2, known as the last seen 2020-03-18 modified 2015-01-27 plugin id 81002 published 2015-01-27 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81002 title Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (January 2015 CPU) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201408-12.NASL description The remote host is affected by the vulnerability described in GLSA-201408-12 (Apache HTTP Server: Multiple vulnerabilities) Multiple vulnerabilities have been found in Apache HTTP Server. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could send a specially crafted request to possibly execute arbitrary code, cause Denial of Service, or obtain sensitive information. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 77456 published 2014-08-30 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/77456 title GLSA-201408-12 : Apache HTTP Server: Multiple vulnerabilities NASL family Web Servers NASL id HPSMH_7_5.NASL description According to the web server last seen 2020-06-01 modified 2020-06-02 plugin id 84923 published 2015-07-22 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/84923 title HP System Management Homepage 7.3.x / 7.4.x < 7.5.0 Multiple Vulnerabilities (FREAK) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-66.NASL description CVE-2014-0231: prevent denial of service in mod_cgid. CVE-2014-0226: prevent denial of service via race in mod_status. CVE-2014-0118: fix resource consumption via mod_deflate body decompression. CVE-2013-6438: prevent denial of service via mod_dav incorrect end of string NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2015-03-26 plugin id 82211 published 2015-03-26 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/82211 title Debian DLA-66-1 : apache2 security update NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2014-0921.NASL description Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the last seen 2020-06-01 modified 2020-06-02 plugin id 76716 published 2014-07-24 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76716 title CentOS 7 : httpd (CESA-2014:0921) NASL family MacOS X Local Security Checks NASL id MACOSX_SECUPD2015-004.NASL description The remote host is running a version of Mac OS X 10.8.5 or 10.9.5 that is missing Security Update 2015-004. It is, therefore, affected multiple vulnerabilities in the following components : - Apache - ATS - Certificate Trust Policy - CoreAnimation - FontParser - Graphics Driver - ImageIO - IOHIDFamily - Kernel - LaunchServices - Open Directory Client - OpenLDAP - OpenSSL - PHP - QuickLook - SceneKit - Security - Code SIgning - UniformTypeIdentifiers Note that successful exploitation of the most serious issues can result in arbitrary code execution. last seen 2020-06-01 modified 2020-06-02 plugin id 82700 published 2015-04-10 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/82700 title Mac OS X Multiple Vulnerabilities (Security Update 2015-004) (FREAK) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-1020.NASL description Updated Red Hat JBoss Enterprise Application Platform 6.3.0 packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the last seen 2020-06-01 modified 2020-06-02 plugin id 77079 published 2014-08-08 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77079 title RHEL 6 : JBoss EAP (RHSA-2014:1020) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-0920.NASL description Updated httpd packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the last seen 2020-06-01 modified 2020-06-02 plugin id 76749 published 2014-07-24 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76749 title RHEL 5 / 6 : httpd (RHSA-2014:0920) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2014-389.NASL description A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the last seen 2020-06-01 modified 2020-06-02 plugin id 78332 published 2014-10-12 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/78332 title Amazon Linux AMI : httpd24 (ALAS-2014-389) NASL family Solaris Local Security Checks NASL id SOLARIS11_APACHE_20141014.NASL description The remote Solaris system is missing necessary patches to address security updates : - The cache_invalidate function in modules/cache/cache_storage.c in the mod_cache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is enabled, allows remote HTTP servers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger a missing hostname value. (CVE-2013-4352) - The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header. (CVE-2014-0117) - The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size. (CVE-2014-0118) - Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c. (CVE-2014-0226) - The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor. (CVE-2014-0231) last seen 2020-06-01 modified 2020-06-02 plugin id 80589 published 2015-01-19 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/80589 title Oracle Solaris Third-Party Patch Update : apache (multiple_denial_of_service_dos5) NASL family SuSE Local Security Checks NASL id OPENSUSE-2014-770.NASL description This apache version update fixes various security and non security issues. - Updated to the 2.2.29 - Changes between 2.2.22 and 2.2.29: http://www.apache.org/dist/httpd/CHANGES_2.2 - The following patches are no longer needed and were removed : - httpd-2.2.x-bnc798733-SNI_ignorecase.diff - httpd-2.2.x-bnc806458-mod_imagemap-xss.diff - httpd-2.2.x-bnc806458-mod_info_ap_get_server_name-xss.diff - httpd-2.2.x-bnc806458-mod_proxy_ftp-xss.diff - httpd-2.2.x-bnc806458-util_ldap_cache_mgr-xss.diff - httpd-2.2.x-bnc807152-mod_balancer_handler_xss.diff - httpd-mod_deflate_head.patch - httpd-new_pcre.patch - httpd-2.2.22-SSLCompression_CRIME_mitigation.patch - httpd-2.2.19-linux3.patch - httpd-2.2.x-bnc829056-CVE-2013-1896-pr1482522-mod_dav.diff - httpd-2.2.x-bnc829057-CVE-2013-1862-mod_rewrite_terminal_escape_sequences.diff - httpd-2.2.x-bnc869105-CVE-2013-6438-mod_dav-dos.diff - httpd-2.2.x-bnc869106-CVE-2014-0098-log_cookie_c.diff - httpd-2.2.x-bnc887765-CVE-2014-0226-mod_status_race.diff - httpd-2.2.x-bnc887768-CVE-2014-0231_mod_cgid_DoS_via_no_stdin_read.diff - httpd-2.2.x-bnc777260-CVE-2012-2687-mod_negotiation_filename_xss.diff - httpd-2.2.x-CVE-2011-3368-server_protocl_c.diff - The following patches were updated for the current Apache version : - apache2-mod_ssl_npn.patch - httpd-2.0.54-envvars.dif - httpd-2.2.x-bnc690734.patch - ssl-mode-release-buffers.patch - bnc#871310 fixed in Apache httpd 2.2.29 last seen 2020-06-05 modified 2014-12-16 plugin id 80043 published 2014-12-16 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/80043 title openSUSE Security Update : apache2 (openSUSE-SU-2014:1647-1) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-1019.NASL description Updated Red Hat JBoss Enterprise Application Platform 6.3.0 packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the last seen 2020-06-01 modified 2020-06-02 plugin id 77078 published 2014-08-08 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77078 title RHEL 5 : JBoss EAP (RHSA-2014:1019) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-0921.NASL description Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the last seen 2020-06-01 modified 2020-06-02 plugin id 76905 published 2014-07-30 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76905 title RHEL 7 : httpd (RHSA-2014:0921) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_4364E1F10F4411E4B09020CF30E32F6D.NASL description Apache HTTP SERVER PROJECT reports : mod_proxy: Fix crash in Connection header handling which allowed a denial of service attack against a reverse proxy with a threaded MPM. Fix a race condition in scoreboard handling, which could lead to a heap buffer overflow. mod_deflate: The DEFLATE input filter (inflates request bodies) now limits the length and compression ratio of inflated request bodies to avoid denial of sevice via highly compressed bodies. See directives DeflateInflateLimitRequestBody, DeflateInflateRatioLimit, and DeflateInflateRatioBurst. mod_cgid: Fix a denial of service against CGI scripts that do not consume stdin that could lead to lingering HTTPD child processes filling up the scoreboard and eventually hanging the server. By default, the client I/O timeout (Timeout directive) now applies to communication with scripts. The CGIDScriptTimeout directive can be used to set a different timeout for communication with scripts. last seen 2020-06-01 modified 2020-06-02 plugin id 76614 published 2014-07-21 reporter This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76614 title FreeBSD : apache24 -- several vulnerabilities (4364e1f1-0f44-11e4-b090-20cf30e32f6d) NASL family Misc. NASL id ORACLE_SECURE_GLOBAL_DESKTOP_JAN_2015_CPU.NASL description The remote host has a version of Oracle Secure Global Desktop that is version 4.63, 4.71, 5.0 or 5.1. It is, therefore, affected by multiple vulnerabilities in the following components : - Apache HTTP Server - Client - Gateway JARP module - Gateway Reverse Proxy - OpenSSL - Print Servlet (only in 5.0 / 5.1) - SGD SSL Daemon (ttassl) - Web Server last seen 2020-06-01 modified 2020-06-02 plugin id 80912 published 2015-01-22 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/80912 title Oracle Secure Global Desktop Multiple Vulnerabilities (January 2015 CPU) (POODLE) NASL family Web Servers NASL id WEBSPHERE_8_0_0_10.NASL description The remote host is running IBM WebSphere Application Server version 8.0 prior to Fix Pack 10. It is, therefore, affected by the following vulnerabilities : - Multiple errors exist related to the included IBM HTTP server that can allow remote code execution or denial of service. (CVE-2013-5704, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231 / PI22070) - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that could allow nonce disclosure via the last seen 2020-06-01 modified 2020-06-02 plugin id 81401 published 2015-02-18 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81401 title IBM WebSphere Application Server 8.0 < Fix Pack 10 Multiple Vulnerabilities (POODLE) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_F927E06C110911E4B09020CF30E32F6D.NASL description Apache HTTP SERVER PROJECT reports : mod_deflate: The DEFLATE input filter (inflates request bodies) now limits the length and compression ratio of inflated request bodies to avoid denial of service via highly compressed bodies. See directives DeflateInflateLimitRequestBody, DeflateInflateRatioLimit, and DeflateInflateRatioBurst. mod_cgid: Fix a denial of service against CGI scripts that do not consume stdin that could lead to lingering HTTPD child processes filling up the scoreboard and eventually hanging the server. By default, the client I/O timeout (Timeout directive) now applies to communication with scripts. The CGIDScriptTimeout directive can be used to set a different timeout for communication with scripts. Fix a race condition in scoreboard handling, which could lead to a heap buffer overflow. core: HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. Adds last seen 2020-06-01 modified 2020-06-02 plugin id 76780 published 2014-07-25 reporter This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76780 title FreeBSD : apache22 -- several vulnerabilities (f927e06c-1109-11e4-b090-20cf30e32f6d) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2014-142.NASL description Updated apache package fixes security vulnerabilities : A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the apache user (CVE-2014-0226). A denial of service flaw was found in the way httpd last seen 2020-06-01 modified 2020-06-02 plugin id 76923 published 2014-07-31 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76923 title Mandriva Linux Security Advisory : apache (MDVSA-2014:142) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2014-204-01.NASL description New httpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 76712 published 2014-07-24 reporter This script is Copyright (C) 2014-2015 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/76712 title Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : httpd (SSA:2014-204-01) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-1088.NASL description Red Hat JBoss Web Server 2.1.0, which fixes multiple security issues and several bugs, is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. This release serves as a replacement for Red Hat JBoss Web Server 2.0.1, and includes several bug fixes. Refer to the Red Hat JBoss Web Server 2.1.0 Release Notes, linked to in the References section, for information on the most significant of these changes. The following security issues are also fixed with this release : A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the last seen 2020-06-01 modified 2020-06-02 plugin id 77357 published 2014-08-23 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77357 title RHEL 5 : JBoss Web Server (RHSA-2014:1088) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2014-0920.NASL description Updated httpd packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the last seen 2020-06-01 modified 2020-06-02 plugin id 76715 published 2014-07-24 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76715 title CentOS 5 / 6 : httpd (CESA-2014:0920) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1419.NASL description According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.(CVE-2014-0098) - A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the last seen 2020-06-01 modified 2020-06-02 plugin id 124922 published 2019-05-14 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124922 title EulerOS Virtualization 3.0.1.0 : httpd (EulerOS-SA-2019-1419) NASL family Fedora Local Security Checks NASL id FEDORA_2014-8742.NASL description This update includes the latest stable release of the Apache HTTP Server, httpd 2.4.10. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-07-26 plugin id 76852 published 2014-07-26 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76852 title Fedora 20 : httpd-2.4.10-1.fc20 (2014-8742) NASL family Scientific Linux Local Security Checks NASL id SL_20140723_HTTPD_ON_SL5_X.NASL description A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the last seen 2020-03-18 modified 2014-07-24 plugin id 76753 published 2014-07-24 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76753 title Scientific Linux Security Update : httpd on SL5.x, SL6.x i386/x86_64 (20140723) NASL family Web Servers NASL id WEBSPHERE_7_0_0_35.NASL description The remote host is running a version of IBM WebSphere Application Server 7.0 prior to Fix Pack 35. It is, therefore, affected by the following vulnerabilities : - Multiple errors exist related to the included IBM HTTP server that could allow remote code execution or denial of service. (CVE-2013-5704, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231 / PI22070) - An error exists related to HTTP header handling that could allow the disclosure of sensitive information. (CVE-2014-3021 / PI08268) - An unspecified error exists that could allow the disclosure of sensitive information. (CVE-2014-3083 / PI17768) - An unspecified input-validation errors exist related to the last seen 2020-06-01 modified 2020-06-02 plugin id 78604 published 2014-10-21 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/78604 title IBM WebSphere Application Server 7.0 < Fix Pack 35 Multiple Vulnerabilities NASL family MacOS X Local Security Checks NASL id MACOSX_10_10_3.NASL description The remote host is running a version of Mac OS X 10.10.x that is prior to 10.10.3. It is, therefore, affected multiple vulnerabilities in the following components : - Admin Framework - Apache - ATS - Certificate Trust Policy - CFNetwork HTTPProtocol - CFNetwork Session - CFURL - CoreAnimation - FontParser - Graphics Driver - Hypervisor - ImageIO - IOHIDFamily - Kernel - LaunchServices - libnetcore - ntp - Open Directory Client - OpenLDAP - OpenSSL - PHP - QuickLook - SceneKit - ScreenSharing - Security - Code SIgning - UniformTypeIdentifiers - WebKit Note that successful exploitation of the most serious issues can result in arbitrary code execution. last seen 2020-06-01 modified 2020-06-02 plugin id 82699 published 2015-04-10 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/82699 title Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities (FREAK) NASL family SuSE Local Security Checks NASL id SUSE_SU-2014-1082-1.NASL description This apache2 update fixes the following security issues : - log_cookie mod_log_config.c remote denial of service (CVE-2014-0098, bnc#869106) - mod_dav denial of service (CVE-2013-6438, bnc#869105) - mod_cgid denial of service (CVE-2014-0231, bnc#887768) - mod_status heap-based buffer overflow (CVE-2014-0226, bnc#887765) - mod_rewrite: escape logdata to avoid terminal escapes (CVE-2013-1862, bnc#829057) - mod_dav: segfault in merge request (CVE-2013-1896, bnc#829056) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2015-05-20 plugin id 83632 published 2015-05-20 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/83632 title SUSE SLES10 Security Update : apache2 (SUSE-SU-2014:1082-1) NASL family SuSE Local Security Checks NASL id OPENSUSE-2014-502.NASL description This apache2 update fixes the following security issues : - CRIME types of attack, based on size and timing analysis of compressed content, are now mitigated by the new SSLCompression directive, set to last seen 2020-06-05 modified 2014-08-21 plugin id 77291 published 2014-08-21 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77291 title openSUSE Security Update : apache2 (openSUSE-SU-2014:1045-1) NASL family Fedora Local Security Checks NASL id FEDORA_2014-9057.NASL description This update includes the latest stable release of the Apache HTTP Server, httpd 2.4.10, fixing a number of security issues. http://www.apache.org/dist/httpd/Announcement2.4.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-08-15 plugin id 77207 published 2014-08-15 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77207 title Fedora 19 : httpd-2.4.10-1.fc19 (2014-9057) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-2299-1.NASL description Marek Kroemeke discovered that the mod_proxy module incorrectly handled certain requests. A remote attacker could use this issue to cause the server to stop responding, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-0117) Giancarlo Pellegrino and Davide Balzarotti discovered that the mod_deflate module incorrectly handled body decompression. A remote attacker could use this issue to cause resource consumption, leading to a denial of service. (CVE-2014-0118) Marek Kroemeke and others discovered that the mod_status module incorrectly handled certain requests. A remote attacker could use this issue to cause the server to stop responding, leading to a denial of service, or possibly execute arbitrary code. (CVE-2014-0226) Rainer Jung discovered that the mod_cgid module incorrectly handled certain scripts. A remote attacker could use this issue to cause the server to stop responding, leading to a denial of service. (CVE-2014-0231). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 76757 published 2014-07-24 reporter Ubuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76757 title Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS : apache2 vulnerabilities (USN-2299-1) NASL family Web Servers NASL id APACHE_2_2_29.NASL description According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.28. It is, therefore, affected by the following vulnerabilities : - A flaw exists within the last seen 2020-04-30 modified 2014-09-04 plugin id 77531 published 2014-09-04 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77531 title Apache 2.2.x < 2.2.28 Multiple Vulnerabilities NASL family Web Servers NASL id APACHE_2_4_10.NASL description According to its banner, the version of Apache 2.4.x running on the remote host is prior to 2.4.10. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the last seen 2020-04-30 modified 2014-07-21 plugin id 76622 published 2014-07-21 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/76622 title Apache 2.4.x < 2.4.10 Multiple Vulnerabilities
Packetstorm
| data source | https://packetstormsecurity.com/files/download/127546/cve-2014-0226.txt |
| id | PACKETSTORM:127546 |
| last seen | 2016-12-05 |
| published | 2014-07-21 |
| reporter | AKAT-1 |
| source | https://packetstormsecurity.com/files/127546/Apache-Scoreboard-Status-Race-Condition.html |
| title | Apache Scoreboard / Status Race Condition |
Redhat
| advisories |
| ||||||||||||
| rpms |
|
References
- http://advisories.mageia.org/MGASA-2014-0304.html
- http://advisories.mageia.org/MGASA-2014-0304.html
- http://advisories.mageia.org/MGASA-2014-0305.html
- http://advisories.mageia.org/MGASA-2014-0305.html
- http://httpd.apache.org/security/vulnerabilities_24.html
- http://httpd.apache.org/security/vulnerabilities_24.html
- http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
- http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
- http://marc.info/?l=bugtraq&m=143403519711434&w=2
- http://marc.info/?l=bugtraq&m=143403519711434&w=2
- http://marc.info/?l=bugtraq&m=143403519711434&w=2
- http://marc.info/?l=bugtraq&m=143403519711434&w=2
- http://marc.info/?l=bugtraq&m=143748090628601&w=2
- http://marc.info/?l=bugtraq&m=143748090628601&w=2
- http://marc.info/?l=bugtraq&m=144050155601375&w=2
- http://marc.info/?l=bugtraq&m=144050155601375&w=2
- http://marc.info/?l=bugtraq&m=144493176821532&w=2
- http://marc.info/?l=bugtraq&m=144493176821532&w=2
- http://marc.info/?l=bugtraq&m=144493176821532&w=2
- http://marc.info/?l=bugtraq&m=144493176821532&w=2
- http://rhn.redhat.com/errata/RHSA-2014-1019.html
- http://rhn.redhat.com/errata/RHSA-2014-1019.html
- http://rhn.redhat.com/errata/RHSA-2014-1020.html
- http://rhn.redhat.com/errata/RHSA-2014-1020.html
- http://rhn.redhat.com/errata/RHSA-2014-1021.html
- http://rhn.redhat.com/errata/RHSA-2014-1021.html
- http://seclists.org/fulldisclosure/2014/Jul/114
- http://seclists.org/fulldisclosure/2014/Jul/114
- http://secunia.com/advisories/60536
- http://secunia.com/advisories/60536
- http://security.gentoo.org/glsa/glsa-201408-12.xml
- http://security.gentoo.org/glsa/glsa-201408-12.xml
- http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES
- http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES
- http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c
- http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c
- http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h
- http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h
- http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c
- http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c
- http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h
- http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h
- http://www.debian.org/security/2014/dsa-2989
- http://www.debian.org/security/2014/dsa-2989
- http://www.exploit-db.com/exploits/34133
- http://www.exploit-db.com/exploits/34133
- http://www.mandriva.com/security/advisories?name=MDVSA-2014:142
- http://www.mandriva.com/security/advisories?name=MDVSA-2014:142
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.osvdb.org/109216
- http://www.osvdb.org/109216
- http://www.securityfocus.com/bid/68678
- http://www.securityfocus.com/bid/68678
- http://zerodayinitiative.com/advisories/ZDI-14-236/
- http://zerodayinitiative.com/advisories/ZDI-14-236/
- https://bugzilla.redhat.com/show_bug.cgi?id=1120603
- https://bugzilla.redhat.com/show_bug.cgi?id=1120603
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
- https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
- https://puppet.com/security/cve/cve-2014-0226
- https://puppet.com/security/cve/cve-2014-0226
- https://security.gentoo.org/glsa/201504-03
- https://security.gentoo.org/glsa/201504-03
- https://support.apple.com/HT204659
- https://support.apple.com/HT204659
- https://www.povonsec.com/apache-2-4-7-exploit/
- https://www.povonsec.com/apache-2-4-7-exploit/