Executive Summary
| Summary | |
|---|---|
| Title | New mod_ssl and Apache/SSL packages fix buffer overflow |
| Informations | |||
|---|---|---|---|
| Name | DSA-120 | First vendor Publication | 2002-03-10 |
| Vendor | Debian | Last vendor Modification | 2002-03-10 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 7.5 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Ed Moyle recently found a buffer overflow in Apache-SSL and mod_ssl. With session caching enabled, mod_ssl will serialize SSL session variables to store them for later use. These variables were stored in a buffer of a fixed size without proper boundary checks. To exploit the overflow, the server must be configured to require client certificates, and an attacker must obtain a carefully crafted client certificate that has been signed by a Certificate Authority which is trusted by the server. If these conditions are met, it would be possible for an attacker to execute arbitrary code on the server. This problem has been fixed in version 1.3.9.13-4 of Apache-SSL and version 2.4.10-1.3.9-1potato1 of libapache-mod-ssl for the stable Debian distribution as well as in version 1.3.23.1+1.47-1 of Apache-SSL and version 2.8.7-1 of libapache-mod-ssl for the testing and unstable distribution of Debian. We recommend that you upgrade your Apache-SSL and mod_ssl packages. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 2.2 alias potato |
Original Source
| Url : http://www.debian.org/security/2002/dsa-120 |
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-01-17 | Name : Debian Security Advisory DSA 120-1 (libapache-mod-ssl, apache-ssl) File : nvt/deb_120_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 756 | Apache HTTP Server mod_ssl i2d_SSL_SESSION Function SSL Client Certificate Ov... |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-120.nasl - Type : ACT_GATHER_INFO |
| 2004-07-31 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2002-020.nasl - Type : ACT_GATHER_INFO |
| 2002-03-19 | Name : The remote web server is vulnerable to a buffer overflow attack. File : apache_ssl_overflow.nasl - Type : ACT_GATHER_INFO |
| 2002-03-08 | Name : The remote web server module has a buffer overflow vulnerability. File : mod_ssl_overflow.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:26:17 |
|
