Executive Summary

Summary
Title HP-UX Apache Web Server, Remote Execution of Arbitrary Code, Denial of Service (DoS)
Informations
Name HPSBUX02927 SSRT101288 First vendor Publication 2013-09-18
Vendor HP Last vendor Modification 2013-09-18
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:P/I:P/A:P)
Cvss Base Score 5.1 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity High
Cvss Expoit Score 4.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Potential security vulnerabilities have been identified with HP-UX Apache Web Server. These vulnerabilities could be exploited remotely to execute arbitrary code or create a Denial of Service (DoS).

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03922406

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-310 Cryptographic Issues
50 % CWE-264 Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:18274
 
Oval ID: oval:org.mitre.oval:def:18274
Title: USN-1903-1 -- apache2 vulnerabilities
Description: Several security issues were fixed in the Apache HTTP Server.
Family: unix Class: patch
Reference(s): USN-1903-1
CVE-2013-1862
CVE-2013-1896
Version: 7
Platform(s): Ubuntu 13.04
Ubuntu 12.10
Ubuntu 12.04
Ubuntu 10.04
Product(s): apache2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18790
 
Oval ID: oval:org.mitre.oval:def:18790
Title: Apache HTTP vulnerability from 2.2.x before 2.2.25 in VisualSVN Server (CVE-2013-1862)
Description: mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1862
Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): VisualSVN Server
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18835
 
Oval ID: oval:org.mitre.oval:def:18835
Title: Apache HTTP vulnerability before 2.2.25 in VisualSVN Server (CVE-2013-1896)
Description: mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1896
Version: 5
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): VisualSVN Server
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19534
 
Oval ID: oval:org.mitre.oval:def:19534
Title: HP-UX Apache Web Server, Remote Execution of Arbitrary Code, Denial of Service (DoS)
Description: mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
Family: unix Class: vulnerability
Reference(s): CVE-2013-1862
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19747
 
Oval ID: oval:org.mitre.oval:def:19747
Title: HP-UX Apache Web Server, Remote Execution of Arbitrary Code, Denial of Service (DoS)
Description: mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
Family: unix Class: vulnerability
Reference(s): CVE-2013-1896
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21067
 
Oval ID: oval:org.mitre.oval:def:21067
Title: RHSA-2013:0815: httpd security update (Moderate)
Description: mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
Family: unix Class: patch
Reference(s): RHSA-2013:0815-01
CESA-2013:0815
CVE-2012-3499
CVE-2012-4558
CVE-2013-1862
Version: 45
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
CentOS Linux 5
CentOS Linux 6
Product(s): httpd
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21205
 
Oval ID: oval:org.mitre.oval:def:21205
Title: RHSA-2013:1156: httpd security update (Moderate)
Description: mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
Family: unix Class: patch
Reference(s): RHSA-2013:1156-01
CESA-2013:1156
CVE-2013-1896
Version: 4
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): httpd
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23320
 
Oval ID: oval:org.mitre.oval:def:23320
Title: DEPRECATED: ELSA-2013:1156: httpd security update (Moderate)
Description: mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
Family: unix Class: patch
Reference(s): ELSA-2013:1156-01
CVE-2013-1896
Version: 7
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): httpd
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23465
 
Oval ID: oval:org.mitre.oval:def:23465
Title: DEPRECATED: ELSA-2013:0815: httpd security update (Moderate)
Description: mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
Family: unix Class: patch
Reference(s): ELSA-2013:0815-01
CVE-2012-3499
CVE-2012-4558
CVE-2013-1862
Version: 18
Platform(s): Oracle Linux 6
Oracle Linux 5
Product(s): httpd
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23801
 
Oval ID: oval:org.mitre.oval:def:23801
Title: ELSA-2013:1156: httpd security update (Moderate)
Description: mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
Family: unix Class: patch
Reference(s): ELSA-2013:1156-01
CVE-2013-1896
Version: 6
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): httpd
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24116
 
Oval ID: oval:org.mitre.oval:def:24116
Title: ELSA-2013:0815: httpd security update (Moderate)
Description: mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
Family: unix Class: patch
Reference(s): ELSA-2013:0815-01
CVE-2012-3499
CVE-2012-4558
CVE-2013-1862
Version: 17
Platform(s): Oracle Linux 6
Oracle Linux 5
Product(s): httpd
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25300
 
Oval ID: oval:org.mitre.oval:def:25300
Title: SUSE-SU-2013:1824-1 -- Security update for Apache2
Description: Apache2 received an LTSS rollup update which fixes various security issues and bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:1824-1
CVE-2013-1896
CVE-2013-1862
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): Apache2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25551
 
Oval ID: oval:org.mitre.oval:def:25551
Title: SUSE-SU-2013:1381-1 -- Security update for Apache2
Description: This collective update for Apache provides the following fixes: * Make sure that input that has already arrived on the socket is not discarded during a non-blocking read (read(2) returns 0 and errno is set to -EAGAIN). (bnc#815621) * Close the connection just before an attempted re-negotiation if data has been read with pipelining. This is done by resetting the keepalive status. (bnc#815621) * Reset the renegotiation status of a client<->server connection to RENEG_INIT to prevent falsely assumed status. (bnc#791794) * "OPTIONS *" internal requests are intercepted by a dummy filter that kicks in for the OPTIONS method. Apple iPrint uses "OPTIONS *" to upgrade the connection to TLS/1.0 following RFC 2817. For compatibility, check if an Upgrade request header is present and skip the filter if yes. (bnc#791794) * Sending a MERGE request against a URI handled by mod_dav_svn with the source href (sent as part of the request body as XML) pointing to a URI that is not configured for DAV will trigger a segfault. (bnc#829056, CVE-2013-1896) * Client data written to the RewriteLog must have terminal escape sequences escaped. (bnc#829057, CVE-2013-1862)
Family: unix Class: patch
Reference(s): SUSE-SU-2013:1381-1
CVE-2013-1896
CVE-2013-1862
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): Apache2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26836
 
Oval ID: oval:org.mitre.oval:def:26836
Title: SUSE-SU-2014:1082-1 -- Security update for apache2
Description: This apache2 update fixes the following security issues: * log_cookie mod_log_config.c remote denial of service (CVE-2014-0098, bnc#869106) * mod_dav denial of service (CVE-2013-6438, bnc#869105) * mod_cgid denial of service (CVE-2014-0231, bnc#887768) * mod_status heap-based buffer overflow (CVE-2014-0226, bnc#887765) * mod_rewrite: escape logdata to avoid terminal escapes (CVE-2013-1862, bnc#829057) * mod_dav: segfault in merge request (CVE-2013-1896, bnc#829056) Security Issues: * CVE-2014-0098 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098> * CVE-2013-6438 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438> * CVE-2014-0226 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226> * CVE-2014-0231 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231> * CVE-2013-1862 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862> * CVE-2013-1896 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896>
Family: unix Class: patch
Reference(s): SUSE-SU-2014:1082-1
CVE-2014-0098
CVE-2013-6438
CVE-2014-0231
CVE-2014-0226
CVE-2013-1862
CVE-2013-1896
Version: 3
Platform(s): SUSE Linux Enterprise Server 10
Product(s): apache2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27412
 
Oval ID: oval:org.mitre.oval:def:27412
Title: DEPRECATED: ELSA-2013-1156 -- httpd security update (moderate)
Description: [2.2.15-29.0.1.el6_4] - replace index.html with Oracle's index page oracle_index.html update vstring in specfile [2.2.15-29] - mod_dav: add security fix for CVE-2013-1896 (#991368)
Family: unix Class: patch
Reference(s): ELSA-2013-1156
CVE-2013-1896
Version: 4
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): httpd
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 187

Information Assurance Vulnerability Management (IAVM)

Date Description
2015-07-16 IAVM : 2015-A-0149 - Multiple Vulnerabilities in Juniper Networks and Security Manager(NSM) Appliance
Severity : Category I - VMSKEY : V0061101
2014-02-27 IAVM : 2014-A-0030 - Apple Mac OS X Security Update 2014-001
Severity : Category I - VMSKEY : V0044547
2014-01-16 IAVM : 2014-A-0009 - Multiple Vulnerabilities in Oracle Fusion Middleware
Severity : Category I - VMSKEY : V0043395
2013-09-12 IAVM : 2013-A-0177 - Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform
Severity : Category I - VMSKEY : V0040288
2013-07-25 IAVM : 2013-A-0146 - Multiple Security Vulnerabilities in Apache HTTP Server
Severity : Category I - VMSKEY : V0039573

Snort® IPS/IDS

Date Description
2017-12-13 Apache HTTP Server possible mod_dav.c remote denial of service vulnerability ...
RuleID : 44808 - Revision : 2 - Type : INDICATOR-COMPROMISE

Nessus® Vulnerability Scanner

Date Description
2015-07-20 Name : The remote host is affected by multiple vulnerabilities.
File : juniper_nsm_jsa10685_cred.nasl - Type : ACT_GATHER_INFO
2015-07-20 Name : The remote host is affected by multiple vulnerabilities.
File : juniper_nsm_jsa10685.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-1082-1.nasl - Type : ACT_GATHER_INFO
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_apache_20131015.nasl - Type : ACT_GATHER_INFO
2014-12-22 Name : The remote device is affected by multiple vulnerabilities.
File : juniper_space_jsa10627.nasl - Type : ACT_GATHER_INFO
2014-12-16 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-770.nasl - Type : ACT_GATHER_INFO
2014-11-28 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15877.nasl - Type : ACT_GATHER_INFO
2014-06-26 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1133.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-638.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-637.nasl - Type : ACT_GATHER_INFO
2014-02-25 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_SecUpd2014-001.nasl - Type : ACT_GATHER_INFO
2014-02-25 Name : The remote host is missing a Mac OS X update that fixes a certificate validat...
File : macosx_10_9_2.nasl - Type : ACT_GATHER_INFO
2014-01-31 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2013-1209.nasl - Type : ACT_GATHER_INFO
2014-01-20 Name : The remote application server is potentially affected by multiple vulnerabili...
File : websphere_7_0_0_31.nasl - Type : ACT_GATHER_INFO
2013-12-05 Name : The remote application server may be affected by multiple vulnerabilities.
File : websphere_8_5_5_1.nasl - Type : ACT_GATHER_INFO
2013-09-24 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201309-12.nasl - Type : ACT_GATHER_INFO
2013-09-20 Name : The remote application server may be affected by multiple vulnerabilities.
File : websphere_6_1_0_47.nasl - Type : ACT_GATHER_INFO
2013-09-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1207.nasl - Type : ACT_GATHER_INFO
2013-09-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1208.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-193.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-194.nasl - Type : ACT_GATHER_INFO
2013-08-27 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_apache2-130730.nasl - Type : ACT_GATHER_INFO
2013-08-23 Name : The remote application server may be affected by multiple vulnerabilities.
File : websphere_8_0_0_7.nasl - Type : ACT_GATHER_INFO
2013-08-20 Name : The remote Fedora host is missing a security update.
File : fedora_2013-13922.nasl - Type : ACT_GATHER_INFO
2013-08-14 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130813_httpd_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-08-14 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1156.nasl - Type : ACT_GATHER_INFO
2013-08-14 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1156.nasl - Type : ACT_GATHER_INFO
2013-08-14 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1156.nasl - Type : ACT_GATHER_INFO
2013-08-10 Name : The remote Fedora host is missing a security update.
File : fedora_2013-13994.nasl - Type : ACT_GATHER_INFO
2013-08-07 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2013-218-02.nasl - Type : ACT_GATHER_INFO
2013-07-23 Name : The remote web server is affected by multiple vulnerabilities.
File : apache_2_4_6.nasl - Type : ACT_GATHER_INFO
2013-07-22 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_ca4d63fbf15c11e2b18320cf30e32f6d.nasl - Type : ACT_GATHER_INFO
2013-07-16 Name : The remote web server may be affected by multiple cross-site scripting vulner...
File : apache_2_2_25.nasl - Type : ACT_GATHER_INFO
2013-07-16 Name : The remote web server is affected by several vulnerabilities.
File : apache_2_0_65.nasl - Type : ACT_GATHER_INFO
2013-07-16 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1903-1.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0815.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-193.nasl - Type : ACT_GATHER_INFO
2013-07-06 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_f3d24aeee5ad11e2b18320cf30e32f6d.nasl - Type : ACT_GATHER_INFO
2013-06-16 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-174.nasl - Type : ACT_GATHER_INFO
2013-05-15 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130513_httpd_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-05-14 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0815.nasl - Type : ACT_GATHER_INFO
2013-05-14 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0815.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2013-09-19 00:18:35
  • First insertion