Information Security


Multiple security vulnerabilities in Apache
Updated since: March 15, 2015
Published: April 16, 2015
Source:
SecurityVulns ID: 14306
Type: remote
Danger level: 6/10
Description: restriction bypass in mod_headers, DoS in mod_cache, restriction bypass and DoS in mod_lua, DoS in mod_proxy_fcgi, protection bypass in mod_gnutls.
Affected products: APACHE: Apache 2.4
CVE:
 CVE-2015-2091 (The authentication hook (mgs_hook_authz) in mod-gnutls 0.5.10 and earlier does not validate client certificates when "GnuTLSClientVerify require" is set, which allows remote attackers to spoof clients via a crafted certificate.)
 CVE-2015-0228 (The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function.)
 CVE-2014-8109 (mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging multiple Require directives, as demonstrated by a configuration that specifies authorization for one group to access a certain directory, and authorization for a second group to access a second directory.)
 CVE-2014-3583 (The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers.)
 CVE-2014-3581 (The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header.)
 CVE-2013-5704 (The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such.")
Original text:
 Nicholas Lemonias, Apache HTTPD 2.4.12, 2.2.29 Security Audit - Advanced Information Security Corp (16.04.2015)
 Nicholas Lemonias, Security Advisory - Apache HTTP Server 2.2.29 / 2.4.12 NULL Pointer dereference in protocol.c (16.04.2015)
 DEBIAN, [SECURITY] [DSA 3177-1] mod-gnutls security update (15.03.2015)
 UBUNTU, [USN-2523-1] Apache HTTP Server vulnerabilities (15.03.2015)

© SecurityVulns, 3APA3A, Vladimir Dubrovin (Владимир Дубровин), Nizhny Novgorod