Vulnerability Note VU#541310

Apache HTTP Server contains a buffer overflow in the mod_proxy module

Original Release date: 19 Oct 2004 | Last revised: 19 Oct 2004

Overview

Apache Web Server contains a buffer overflow vulnerability in the mod_proxy module that may allow a remote attacker to execute arbitrary code or launch a denial of service (DoS) attack.

Description

The Apache Server is an open-source web server offered by The Apache Software Foundation. The Apache Server uses the mod_proxy module to implement proxying for various common protocols such as FTP and HTTP. In versions of Apache prior to and including 1.3.31-r2, the mod_proxy module contains a buffer overflow vulnerability located in the file proxy_util.c. To exploit this vulnerability an attacker must persuade an Apache server with mod_proxy enabled to connect to a malicious server configured to return an invalid content-length header.
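The weak point described above is a proxy that sizes its buffer arithmetic from whatever Content-Length value an upstream server returns. The following is an added illustration, not Apache's proxy_util.c code: a naive atoi() parse beside a hardened parse that rejects signed, malformed and out-of-range values before they reach any buffer arithmetic. The function names and the size limit are assumptions for the example.

```c
#include <ctype.h>
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>

/* Illustrative example (not Apache's code). The naive form trusts
 * atoi(), so "-1" becomes -1 and oversized values are undefined;
 * this is the class of upstream input the note describes. */
long naive_content_length(const char *value)
{
    return atoi(value);
}

/* Hardened form: returns 0 and stores the length on success, -1 on
 * any signed, malformed or out-of-range value, so the caller can
 * reject the upstream response rather than size a buffer from it.
 * "max" is the proxy's own upper bound (an assumed policy value). */
int parse_content_length(const char *value, size_t max, size_t *out)
{
    if (value == NULL || out == NULL)
        return -1;
    /* Optional whitespace around the field value is allowed. */
    while (*value == ' ' || *value == '\t')
        value++;
    /* Require a leading digit: rejects "", "-1" and "+1" outright. */
    if (!isdigit((unsigned char)*value))
        return -1;
    errno = 0;
    char *end;
    unsigned long long n = strtoull(value, &end, 10);
    if (errno == ERANGE)
        return -1;                 /* does not fit unsigned long long */
    while (*end == ' ' || *end == '\t')
        end++;
    if (*end != '\0')
        return -1;                 /* trailing junk such as "10abc" */
    if (n > (unsigned long long)max)
        return -1;                 /* exceeds the proxy's own limit */
    *out = (size_t)n;
    return 0;
}
```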

Impact

A remote attacker may be able to execute arbitrary code with the privileges of an Apache child process. Exploitation of this vulnerability may completely disable the Apache server, resulting in a denial-of-service condition.

Solution

Upgrade Apache

Apache states this issue was fixed in Apache httpd 1.3.32-dev.

Systems Affected

Vendor   Status     Date Notified   Date Updated
Apache   Affected   -               20 Aug 2004

CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

Credit

This vulnerability was reported by Georgi Guninski.

This document was written by Jeff Gennari.

Other Information

  • CVE IDs: CAN-2004-0492
  • Date Public: 10 Jun 2004
  • Date First Published: 19 Oct 2004
  • Date Last Updated: 19 Oct 2004
  • Severity Metric: 4.02
  • Document Revision: 106
