Executive Summary
Summary | |
---|---|
Title | httpd24-httpd security update |
Informations | |||
---|---|---|---|
Name | RHSA-2015:1666 | First vendor Publication | 2015-08-24 |
Vendor | RedHat | Last vendor Modification | 2015-08-24 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated httpd24-httpd packages that fix multiple security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 3. Description: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. (CVE-2015-3183) It was discovered that in httpd 2.4, the internal API function ap_some_auth_required() could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied. (CVE-2015-3185) Note: This update introduces new a new API function, ap_some_authn_required(), which correctly indicates if a request is authenticated. External httpd modules using the old API function should be modified to use the new one to completely resolve this issue. A denial of service flaw was found in the way the mod_lua httpd module processed certain WebSocket Ping requests. A remote attacker could send a specially crafted WebSocket Ping packet that would cause the httpd child process to crash. (CVE-2015-0228) A NULL pointer dereference flaw was found in the way httpd generated certain error responses. A remote attacker could possibly use this flaw to crash the httpd child process using a request that triggers a certain HTTP error. (CVE-2015-0253) All httpd24-httpd users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd24-httpd service will be restarted automatically. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1202988 - CVE-2015-0228 httpd: Possible mod_lua crash due to websocket bug 1243887 - CVE-2015-3183 httpd: HTTP request smuggling attack against chunked request parser 1243888 - CVE-2015-3185 httpd: ap_some_auth_required() does not properly indicate authenticated request in 2.4 1243891 - CVE-2015-0253 httpd: NULL pointer dereference crash with ErrorDocument 400 pointing to a local URL-path |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2015-1666.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-20 | Improper Input Validation |
25 % | CWE-264 | Permissions, Privileges, and Access Controls |
25 % | CWE-17 | Code |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:28696 | |||
Oval ID: | oval:org.mitre.oval:def:28696 | ||
Title: | SUSE-SU-2015:0974-1 -- Security update for apache2 (moderate) | ||
Description: | Apache2 updated to fix four security issues and one non-security bug. The following vulnerabilities have been fixed: - mod_headers rules could be bypassed via chunked requests. Adds "MergeTrailers" directive to restore legacy behavior. (bsc#871310, CVE-2013-5704) - An empty value in Content-Type could lead to a crash through a null pointer dereference and a denial of service. (bsc#899836, CVE-2014-3581) - Remote attackers could bypass intended access restrictions in mod_lua LuaAuthzProvider when multiple Require directives with different arguments are used. (bsc#909715, CVE-2014-8109) | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2015:0974-1 CVE-2013-5704 CVE-2014-3581 CVE-2014-8109 CVE-2015-0228 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 12 | Product(s): | apache2 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2015-08-20 | IAVM : 2015-A-0199 - Multiple Vulnerabilities in Apple Mac OS X Severity : Category I - VMSKEY : V0061337 |
2015-07-23 | IAVM : 2015-A-0174 - Multiple Vulnerabilities in Apache HTTP Server Severity : Category I - VMSKEY : V0061135 |
Snort® IPS/IDS
Date | Description |
---|---|
2018-06-05 | HTTP request smuggling attempt RuleID : 46495 - Revision : 4 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-09-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2710.nasl - Type : ACT_GATHER_INFO |
2017-09-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2709.nasl - Type : ACT_GATHER_INFO |
2017-03-01 | Name : The remote Debian host is missing a security update. File : debian_DLA-841.nasl - Type : ACT_GATHER_INFO |
2016-10-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-2055.nasl - Type : ACT_GATHER_INFO |
2016-10-07 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201610-02.nasl - Type : ACT_GATHER_INFO |
2016-05-26 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL17251.nasl - Type : ACT_GATHER_INFO |
2016-01-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-0061.nasl - Type : ACT_GATHER_INFO |
2016-01-21 | Name : The application installed on the remote host is affected by multiple vulnerab... File : oracle_secure_global_desktop_jan_2016_cpu.nasl - Type : ACT_GATHER_INFO |
2015-12-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-2660.nasl - Type : ACT_GATHER_INFO |
2015-12-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-2659.nasl - Type : ACT_GATHER_INFO |
2015-11-03 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1885-2.nasl - Type : ACT_GATHER_INFO |
2015-11-03 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1851-1.nasl - Type : ACT_GATHER_INFO |
2015-10-06 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-635.nasl - Type : ACT_GATHER_INFO |
2015-10-02 | Name : The remote Mac OS X host has an application installed that is affected by mul... File : macosx_xcode_7_0.nasl - Type : ACT_GATHER_INFO |
2015-09-22 | Name : The remote host is missing a security update for OS X Server. File : macosx_server_5_0_3.nasl - Type : ACT_GATHER_INFO |
2015-09-18 | Name : The remote IBM HTTP Server is affected by multiple vulnerabilities. File : websphere_8_5_5_7.nasl - Type : ACT_GATHER_INFO |
2015-08-26 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-1667.nasl - Type : ACT_GATHER_INFO |
2015-08-26 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-1668.nasl - Type : ACT_GATHER_INFO |
2015-08-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1667.nasl - Type : ACT_GATHER_INFO |
2015-08-25 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150824_httpd_on_SL7_x.nasl - Type : ACT_GATHER_INFO |
2015-08-25 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150824_httpd_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2015-08-25 | Name : The remote application is affected by multiple vulnerabilities. File : securitycenter_apache_2_4_16.nasl - Type : ACT_GATHER_INFO |
2015-08-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1668.nasl - Type : ACT_GATHER_INFO |
2015-08-25 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1668.nasl - Type : ACT_GATHER_INFO |
2015-08-25 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1667.nasl - Type : ACT_GATHER_INFO |
2015-08-18 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-579.nasl - Type : ACT_GATHER_INFO |
2015-08-18 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-578.nasl - Type : ACT_GATHER_INFO |
2015-08-17 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2015-006.nasl - Type : ACT_GATHER_INFO |
2015-08-17 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_10_10_5.nasl - Type : ACT_GATHER_INFO |
2015-08-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3325.nasl - Type : ACT_GATHER_INFO |
2015-07-30 | Name : The remote Fedora host is missing a security update. File : fedora_2015-11792.nasl - Type : ACT_GATHER_INFO |
2015-07-29 | Name : The remote Debian host is missing a security update. File : debian_DLA-284.nasl - Type : ACT_GATHER_INFO |
2015-07-28 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2686-1.nasl - Type : ACT_GATHER_INFO |
2015-07-23 | Name : The remote web server is affected by multiple vulnerabilities. File : apache_2_4_16.nasl - Type : ACT_GATHER_INFO |
2015-07-22 | Name : The remote Fedora host is missing a security update. File : fedora_2015-11689.nasl - Type : ACT_GATHER_INFO |
2015-07-20 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_29083f8e2ca811e586ff14dae9d210b8.nasl - Type : ACT_GATHER_INFO |
2015-07-20 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2015-198-01.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_a12494c12af411e586ff14dae9d210b8.nasl - Type : ACT_GATHER_INFO |
2015-06-02 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0974-1.nasl - Type : ACT_GATHER_INFO |
2015-03-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-093.nasl - Type : ACT_GATHER_INFO |
2015-03-11 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2523-1.nasl - Type : ACT_GATHER_INFO |
2015-03-05 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-191.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-12-07 21:26:51 |
|
2016-12-06 09:26:21 |
|
2016-10-21 00:25:05 |
|
2016-10-18 12:07:00 |
|
2016-08-20 09:24:03 |
|
2016-08-09 09:25:36 |
|
2016-07-08 21:25:40 |
|
2016-06-30 22:38:08 |
|
2016-01-22 09:26:39 |
|
2015-08-25 00:27:06 |
|