Vulnerability Note VU#303448

mod_ssl contains a format string vulnerability in the ssl_log() function

Overview

There is a format string vulnerability in the ssl_log() function of the mod_ssl module that could allow an attacker to potentially execute arbitrary code.

I. Description

mod_ssl is an Apache module that provides Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocol support. There is a format string vulnerability in way the ssl_log() function of the mod_ssl module handles hostnames. By supplying a specially crafted hostname value in an HTTPS request, a remote, unauthenticated attacker could trigger this vulnerability. Please note, the hostname provided would have to exist in the zone.

II. Impact

A remote, unauthenticated attacker could potentially execute arbitrary code on an affected system.

III. Solution

Upgrade

Upgrade to version 2.8.19-1.3.31. Alternatively, apply the appropriate patch or upgrade as specified by your vendor.

Systems Affected

Vendor	Status	Date Updated
Mod_ssl	Vulnerable	19-Jul-2004

References

http://www.modssl.org/news/
http://secunia.com/advisories/12077/
http://www.securitytracker.com/alerts/2004/Jul/1010717.html

Credit

This vulnerability was reported by Secunia.

This document was written by Damon Morda.

Other Information

Date Public	07/16/2004
Date First Published	07/19/2004 12:57:00 PM
Date Last Updated	07/19/2004
CERT Advisory
CVE Name
US-CERT Technical Alerts
Metric	6.04
Document Revision	6

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Get Adobe Reader