IBM HTTP Server 7.0.0.0 <= 7.0.0.45 / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 < 8.5.5.17 / 9.0.0.0 < 9.0.5.1 Multiple Vulnerabilities (964768)

medium Nessus Plugin ID 144775

Synopsis

The remote web server is affected by multiple vulnerabilities.

Description

The version of IBM HTTP Server running on the remote host is affected by multiple vulnerabilities as follows:

- In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks). (CVE-2018-20843)

- In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed. (CVE-2019-10092)

- In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL. (CVE-2019-10098)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to IBM HTTP Server version 8.5.5.17, 9.0.5.1, or later. Alternatively, upgrade to the minimal fix pack levels required by the interim fix and then apply Interim Fix PH14974.

See Also

https://www.ibm.com/support/pages/node/964768

Plugin Details

Severity: Medium

ID: 144775

File Name: ibm_http_server_964768.nasl

Version: 1.5

Type: local

Agent: unix

Family: Web Servers

Published: 1/6/2021

Updated: 12/7/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Temporal Score: 4.5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2019-10098

CVSS v3

Risk Factor: Medium

Base Score: 6.1

Temporal Score: 5.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:http_server

Required KB Items: installed_sw/IBM HTTP Server (IHS)

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/18/2019

Vulnerability Publication Date: 6/24/2019

Reference Information

CVE: CVE-2018-20843, CVE-2019-10092, CVE-2019-10098