Detections
Analytics
Amazon Linux AMI : httpd (ALAS-2011-9)
medium Nessus Plugin ID 78270
Language:
Synopsis
The remote Amazon Linux AMI host is missing a security update.Description
It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to the attacker. (CVE-2011-3368)It was discovered that mod_proxy_ajp incorrectly returned an 'Internal Server Error' response when processing certain malformed HTTP requests, which caused the back-end server to be marked as failed in configurations where mod_proxy was used in load balancer mode. A remote attacker could cause mod_proxy to not send requests to back-end AJP (Apache JServ Protocol) servers for the retry timeout period or until all back-end servers were marked as failed. (CVE-2011-3348)
Solution
Run 'yum update httpd' to update your system.See Also
Plugin Details
Severity: Medium
ID: 78270
File Name: ala_ALAS-2011-9.nasl
Version: 1.4
Type: local
Agent: unix
Published: 10/12/2014
Updated: 4/18/2018
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Medium
Base Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
Vulnerability Information
CPE: p-cpe:/a:amazon:linux:httpd-tools, p-cpe:/a:amazon:linux:mod_ssl, p-cpe:/a:amazon:linux:httpd-devel, p-cpe:/a:amazon:linux:httpd-debuginfo, cpe:/o:amazon:linux, p-cpe:/a:amazon:linux:httpd, p-cpe:/a:amazon:linux:httpd-manual
Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list
Patch Publication Date: 10/31/2011
Reference Information
CVE: CVE-2011-3348, CVE-2011-3368