CERT-In Advisory CIAD-2008-03
Multiple Vulnerabilities in Apache HTTP Server
Original issue date: January 21, 2008
Severity Rating: Medium
Systems Affected
Apache httpd 2.2.2 through 2.2.6, 2.2.0
Overview
Multiple vulnerabilities have been reported in Apache HTTP Server which could be exploited by a remote or local attacker to cause denial of service, conduct cross-site scripting attacks and execute arbitrary code on the affected system.
Description
1. Apache "mod_proxy_balancer" cross-site scripting vulnerability (CVE-2007-6421, CWE-79)
A vulnerability has been reported in mod_proxy_balancer module due to an input validation error when processing and displaying data. On sites where mod_proxy_balancer is enabled, a remote attacker could exploit the vulnerability to cause a cross-site scripting attack against an authorized user.
2. Apache "mod_proxy_balancer" denial of service vulnerability (CVE-2007-6422)
A vulnerability has been reported in the mod_proxy_balancer module due to an unspecified error within the balancer manager functionality. On sites where mod_proxy_balancer is enabled, an authorized user could send a carefully crafted request and exploit the vulnerability to crash the Apache child process handling that request, resulting in a denial of service.
3. Cross-site scripting vulnerability in "mod_status" module (CVE-2007-6388, CWE-79)
A vulnerability has been reported in the mod_status module in Apache HTTP Server due to improper validation in that module when the server-status page is enabled. A remote attacker could exploit this vulnerability to inject arbitrary web script or HTML via unspecified vectors.
4. Improper validation in "mod_proxy_ftp" function (CVE-2008-0005, CWE-79)
A vulnerability has been reported in the mod_proxy_ftp module in Apache HTTP Server due to an undefined charset in that module. On sites where mod_proxy_ftp is enabled and a forward proxy is configured, a cross-site scripting attack is possible against Web browsers which do not correctly derive the response character set.
A remote attacker could exploit this vulnerability to conduct cross-site scripting (XSS) attacks against web browsers using UTF-7 encoding.
Solution
Upgrade to Apache version 2.2.8
http://httpd.apache.org/download.cgi
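To decide which hosts to upgrade first, the following added example (not part of the original advisory or of Apache's own tooling) maps a server banner and httpd.conf text to the CVEs above whose stated preconditions are met. The function names and the sample configuration are constructed for illustration; statically compiled modules and Include'd files are not seen by this check.

```python
import re

# Affected per this advisory: 2.2.0 and 2.2.2 through 2.2.6 (fixed in 2.2.8).
AFFECTED = {(2, 2, 0)} | {(2, 2, p) for p in range(2, 7)}

# Constructed sample configuration, not taken from any real server.
SAMPLE_CONF = """
LoadModule status_module modules/mod_status.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
# LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
ProxyRequests On
<Location /server-status>
    SetHandler server-status
</Location>
"""

def parse_version(banner):
    """Extract (major, minor, patch) from a banner such as 'Apache/2.2.4 (Unix)'."""
    m = re.search(r"Apache/(\d+)\.(\d+)\.(\d+)", banner)
    return tuple(int(x) for x in m.groups()) if m else None

def directives(conf_text):
    """Yield (lowercased name, first argument) for each non-comment line."""
    for line in conf_text.splitlines():
        parts = line.strip().split()
        if parts and not parts[0].startswith("#"):
            yield parts[0].lower(), (parts[1].lower() if len(parts) > 1 else "")

def exposed_cves(banner, conf_text):
    """Return the advisory's CVEs whose stated preconditions this host meets."""
    if parse_version(banner) not in AFFECTED:
        return []
    modules, handlers, forward_proxy = set(), set(), False
    for name, first in directives(conf_text):
        if name == "loadmodule":
            modules.add(first)
        elif name == "sethandler":
            handlers.add(first)
        elif name == "proxyrequests":
            # Any "On" anywhere in the file counts, to stay conservative.
            forward_proxy = forward_proxy or first == "on"
    found = []
    if "proxy_balancer_module" in modules:          # items 1 and 2
        found += ["CVE-2007-6421", "CVE-2007-6422"]
    if "status_module" in modules and "server-status" in handlers:  # item 3
        found.append("CVE-2007-6388")
    if "proxy_ftp_module" in modules and forward_proxy:             # item 4
        found.append("CVE-2008-0005")
    return found
```

An empty result on an affected version means only that the listed modules are not enabled in the inspected file; the upgrade to 2.2.8 still applies.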
Vendor Information
Apache
http://httpd.apache.org/security/vulnerabilities_22.html
References
FrSirt
http://www.frsirt.com/english/advisories/2008/0048
http://www.frsirt.com/english/advisories/2008/0047
Securityfocus
http://www.securityfocus.com/bid/27236
Secunia
http://secunia.com/advisories/28046/
Xforce
http://xforce.iss.net/xforce/xfdb/39615
SecurityReason
http://securityreason.com/achievement_securityalert/49
CVE-Name
CVE-2007-6421
CVE-2007-6422
CVE-2007-6388
CVE-2008-0005
CWE
CWE-79
Disclaimer
The information provided herein is on an "as is" basis, without warranty of any kind.
Contact Information

Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003