Detections
Analytics

Apache < 1.3.31 mod_access IP Address Netmask Rule Bypass

high Nessus Plugin ID 14177

Language:

Synopsis

The remote web server is affected by an access control bypass vulnerability.

Description

The remote host is running a version of Apache web server prior to 1.3.31. It is, therefore, affected by an access control bypass vulnerability due to a failure, on big-endian 64-bit platforms, to properly match 'allow' or 'deny' rules that contain an IP address but lack a corresponding netmask.

Nessus has determined the vulnerability exists only by looking at the Server header returned by the web server running on the target. If the target is not a big-endian 64-bit platform, consider this a false positive.

Solution

Upgrade to Apache web server version 1.3.31 or later.

See Also

http://www.apacheweek.com/features/security-13

http://marc.info/?l=apache-cvs&m=107869603013722

https://bz.apache.org/bugzilla/show_bug.cgi?id=23850

Plugin Details

Severity: High

ID: 14177

File Name: apache_access_wo_netmask.nasl

Version: 1.31

Type: remote

Family: Web Servers

Published: 7/31/2004

Updated: 6/12/2020

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apache:http_server

Required KB Items: Settings/ParanoidReport, installed_sw/Apache

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 3/8/2004

Reference Information

CVE: CVE-2003-0993

BID: 9829

GLSA: GLSA 200405-22

MDKSA: MDKSA-2004:046

SSA: SSA:2004-133-01

Secunia: 11088, 11681, 11719, 12246