Detections
Analytics

Apache mod_ssl ssl_engine_log.c mod_proxy Hook Function Remote Format String

high Nessus Plugin ID 13651

Language:

Synopsis

The remote web server is using a module that is affected by a remote code execution vulnerability.

Description

The remote host is using a version vulnerable of mod_ssl which is older than 2.8.19. There is a format string condition in the log functions of the remote module which may allow an attacker to execute arbitrary code on the remote host.

*** Some vendors patched older versions of mod_ssl, so this
*** might be a false positive. Check with your vendor to determine
*** if you have a version of mod_ssl that is patched for this
*** vulnerability

Solution

Upgrade to mod_ssl version 2.8.19 or newer

See Also

http://marc.info/?l=apache-modssl&m=109001100906749&w=2

https://marc.info/?l=bugtraq&m=109005001205991&w=2

Plugin Details

Severity: High

ID: 13651

File Name: mod_ssl_hook_functions_format_string_vuln.nasl

Version: 1.27

Type: remote

Family: Web Servers

Published: 7/16/2004

Updated: 12/22/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.3

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2004-0700

Vulnerability Information

CPE: cpe:/a:apache:http_server, cpe:/a:mod_ssl:mod_ssl

Required KB Items: www/apache

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 7/16/2004

Reference Information

CVE: CVE-2004-0700

BID: 10736