Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2008:195 | First vendor Publication | 2008-09-13 |
Vendor | Mandriva | Last vendor Modification | 2008-09-13 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A vulnerability was discovered in the mod_proxy module in Apache where it did not limit the number of forwarded interim responses, allowing remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses (CVE-2008-2364). A cross-site scripting vulnerability was found in the mod_proxy_ftp module in Apache that allowed remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI (CVE-2008-2939). The updated packages have been patched to prevent these issues. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2008:195 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-770 | Allocation of Resources Without Limits or Throttling |
50 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11316 | |||
Oval ID: | oval:org.mitre.oval:def:11316 | ||
Title: | Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI. | ||
Description: | Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-2939 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11713 | |||
Oval ID: | oval:org.mitre.oval:def:11713 | ||
Title: | Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability | ||
Description: | The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-2364 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Apache |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:13835 | |||
Oval ID: | oval:org.mitre.oval:def:13835 | ||
Title: | USN-731-1 -- apache2 vulnerabilities | ||
Description: | It was discovered that Apache did not sanitize the method specifier header from an HTTP request when it is returned in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. This issue only affected Ubuntu 6.06 LTS and 7.10. It was discovered that Apache was vulnerable to a cross-site request forgery in the mod_proxy_balancer balancer manager. If an Apache administrator were tricked into clicking a link on a specially crafted web page, an attacker could trigger commands that could modify the balancer manager configuration. This issue only affected Ubuntu 7.10 and 8.04 LTS. It was discovered that Apache had a memory leak when using mod_ssl with compression. A remote attacker could exploit this to exhaust server memory, leading to a denial of service. This issue only affected Ubuntu 7.10. It was discovered that in certain conditions, Apache did not specify a default character set when returning certain error messages containing UTF-7 encoded data, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. This issue only affected Ubuntu 6.06 LTS and 7.10. It was discovered that when configured as a proxy server, Apache did not limit the number of forwarded interim responses. A malicious remote server could send a large number of interim responses and cause a denial of service via memory exhaustion. It was discovered that mod_proxy_ftp did not sanitize wildcard pathnames when they are returned in directory listings, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output | ||
Family: | unix | Class: | patch |
Reference(s): | USN-731-1 CVE-2007-6203 CVE-2007-6420 CVE-2008-1678 CVE-2008-2168 CVE-2008-2364 CVE-2008-2939 | Version: | 5 |
Platform(s): | Ubuntu 7.10 Ubuntu 8.04 Ubuntu 6.06 | Product(s): | apache2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21751 | |||
Oval ID: | oval:org.mitre.oval:def:21751 | ||
Title: | ELSA-2008:0967: httpd security and bug fix update (Moderate) | ||
Description: | Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0967-01 CVE-2008-2364 CVE-2008-2939 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | httpd |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29289 | |||
Oval ID: | oval:org.mitre.oval:def:29289 | ||
Title: | RHSA-2008:0967 -- httpd security and bug fix update (Moderate) | ||
Description: | Updated httpd packages that resolve several security issues and fix a bug are now available for Red Hat Enterprise Linux 3, 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server. A flaw was found in the mod_proxy Apache module. An attacker in control of a Web server to which requests were being proxied could have caused a limited denial of service due to CPU consumption and stack exhaustion. (CVE-2008-2364) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0967 CESA-2008:0967-CentOS 5 CESA-2008:0967-CentOS 3 CVE-2008-2364 CVE-2008-2939 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 5 CentOS Linux 3 | Product(s): | httpd |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7716 | |||
Oval ID: | oval:org.mitre.oval:def:7716 | ||
Title: | Apache 'mod_proxy_ftp' Wildcard Characters Cross-Site Scripting Vulnerability | ||
Description: | Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-2939 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Apache |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9577 | |||
Oval ID: | oval:org.mitre.oval:def:9577 | ||
Title: | The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses. | ||
Description: | The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-2364 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
2010-05-12 | Name : Mac OS X Security Update 2008-007 File : nvt/macosx_secupd_2008-007.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:323 (apache) File : nvt/mdksa_2009_323.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-22 | Name : HP-UX Update for Apache-based Web Server HPSBUX02465 File : nvt/gb_hp_ux_HPSBUX02465.nasl |
2009-10-13 | Name : SLES10: Security update for Apache 2 File : nvt/sles10_apache20.nasl |
2009-10-13 | Name : SLES10: Security update for Apache 2 File : nvt/sles10_apache2.nasl |
2009-10-10 | Name : SLES9: Security update for Apache 2 File : nvt/sles9p5037600.nasl |
2009-07-15 | Name : Mandrake Security Advisory MDVSA-2009:124-1 (apache) File : nvt/mdksa_2009_124_1.nasl |
2009-06-05 | Name : Ubuntu USN-720-1 (php5) File : nvt/ubuntu_720_1.nasl |
2009-06-05 | Name : Mandrake Security Advisory MDVSA-2009:124 (apache) File : nvt/mdksa_2009_124.nasl |
2009-06-05 | Name : Ubuntu USN-719-1 (libpam-krb5) File : nvt/ubuntu_719_1.nasl |
2009-06-03 | Name : Solaris Update for Apache 2 120543-14 File : nvt/gb_solaris_120543_14.nasl |
2009-06-03 | Name : Solaris Update for Apache 2 120544-14 File : nvt/gb_solaris_120544_14.nasl |
2009-05-05 | Name : HP-UX Update for Apache Web Server Suite HPSBUX02401 File : nvt/gb_hp_ux_HPSBUX02401.nasl |
2009-05-05 | Name : HP-UX Update for Apache HPSBUX02365 File : nvt/gb_hp_ux_HPSBUX02365.nasl |
2009-04-09 | Name : Mandriva Update for apache MDVSA-2008:195 (apache) File : nvt/gb_mandriva_MDVSA_2008_195.nasl |
2009-03-31 | Name : SuSE Security Summary SUSE-SR:2009:007 File : nvt/suse_sr_2009_007.nasl |
2009-03-13 | Name : SuSE Security Summary SUSE-SR:2009:006 File : nvt/suse_sr_2009_006.nasl |
2009-03-13 | Name : Ubuntu USN-731-1 (apache2) File : nvt/ubuntu_731_1.nasl |
2009-03-13 | Name : FreeBSD Ports: apache File : nvt/freebsd_apache14.nasl |
2009-03-06 | Name : RedHat Update for httpd RHSA-2008:0967-01 File : nvt/gb_RHSA-2008_0967-01_httpd.nasl |
2009-02-27 | Name : CentOS Update for httpd CESA-2008:0967 centos4 x86_64 File : nvt/gb_CESA-2008_0967_httpd_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for httpd CESA-2008:0967 centos4 i386 File : nvt/gb_CESA-2008_0967_httpd_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for httpd CESA-2008:0967 centos3 x86_64 File : nvt/gb_CESA-2008_0967_httpd_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for httpd CESA-2008:0967 centos3 i386 File : nvt/gb_CESA-2008_0967_httpd_centos3_i386.nasl |
2009-02-17 | Name : Fedora Update for httpd FEDORA-2008-6393 File : nvt/gb_fedora_2008_6393_httpd_fc9.nasl |
2009-02-17 | Name : Fedora Update for httpd FEDORA-2008-6314 File : nvt/gb_fedora_2008_6314_httpd_fc8.nasl |
2008-09-25 | Name : IBM HTTP Server mod_proxy Interim Responses DoS Vulnerability File : nvt/secpod_ibmhttpserver_mod_proxy_dos_900222.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200807-06 (apache) File : nvt/glsa_200807_06.nasl |
2008-09-04 | Name : FreeBSD Ports: apache File : nvt/freebsd_apache13.nasl |
2008-08-22 | Name : Apache mod_proxy_ftp Wildcard Characters XSS Vulnerability File : nvt/secpod_apache_mod_proxy_ftp_xss_vuln_900107.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
47474 | Apache HTTP Server mod_proxy_ftp Directory Component Wildcard Character XSS |
46085 | Apache HTTP Server mod_proxy ap_proxy_http_process_response() Function Interi... |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Multiple Products IFRAME src javascript code execution RuleID : 3679 - Revision : 18 - Type : INDICATOR-OBFUSCATION |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-08-11 | Name : The remote web server may be affected by multiple vulnerabilities. File : oracle_http_server_cpu_jul_2013.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0967.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081111_httpd_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2010-10-20 | Name : The remote web server is affected by multiple vulnerabilities. File : apache_2_0_64.nasl - Type : ACT_GATHER_INFO |
2009-12-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-323.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-6035.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12258.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_apache2-080925.nasl - Type : ACT_GATHER_INFO |
2009-06-01 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-124.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-002.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-731-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-195.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0967.nasl - Type : ACT_GATHER_INFO |
2009-03-13 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-6054.nasl - Type : ACT_GATHER_INFO |
2009-03-12 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_f18920660e7411de92de000bcdc1757a.nasl - Type : ACT_GATHER_INFO |
2008-11-16 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-5767.nasl - Type : ACT_GATHER_INFO |
2008-11-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0967.nasl - Type : ACT_GATHER_INFO |
2008-11-05 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-5628.nasl - Type : ACT_GATHER_INFO |
2008-11-05 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-5629.nasl - Type : ACT_GATHER_INFO |
2008-11-05 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-5648.nasl - Type : ACT_GATHER_INFO |
2008-10-16 | Name : The remote web server is vulnerable to a cross-site scripting attack. File : apache_mod_proxy_ftp_glob_xss.nasl - Type : ACT_ATTACK |
2008-10-10 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-007.nasl - Type : ACT_GATHER_INFO |
2008-08-08 | Name : The remote Fedora host is missing a security update. File : fedora_2008-6393.nasl - Type : ACT_GATHER_INFO |
2008-08-08 | Name : The remote Fedora host is missing a security update. File : fedora_2008-6314.nasl - Type : ACT_GATHER_INFO |
2008-07-11 | Name : The remote web server may be affected by several issues. File : apache_2_2_9.nasl - Type : ACT_GATHER_INFO |
2008-07-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200807-06.nasl - Type : ACT_GATHER_INFO |
2008-06-24 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_c84dc9ad41f711dda4f900163e000016.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:39:41 |
|