Mod_Perl Path_Info Remote Denial Of Service Vulnerability
BID:23192
Info
| Bugtraq ID: | 23192 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | CVE-2007-1349 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 29 2007 12:00AM |
| Updated: | Aug 05 2010 09:15PM |
| Credit: | Alex Solovey is credited with the discovery of this vulnerability. |
| Vulnerable: | Ubuntu Ubuntu Linux 7.04 sparc; Ubuntu Ubuntu Linux 7.04 powerpc; Ubuntu Ubuntu Linux 7.04 i386; Ubuntu Ubuntu Linux 7.04 amd64; Ubuntu Ubuntu Linux 6.10 sparc; Ubuntu Ubuntu Linux 6.10 powerpc; Ubuntu Ubuntu Linux 6.10 i386; Ubuntu Ubuntu Linux 6.10 amd64; Ubuntu Ubuntu Linux 6.06 LTS sparc; Ubuntu Ubuntu Linux 6.06 LTS powerpc; Ubuntu Ubuntu Linux 6.06 LTS i386; Ubuntu Ubuntu Linux 6.06 LTS amd64; Trustix Secure Linux 3.0.5; Trustix Secure Linux 3.0; Trustix Secure Linux 2.0; Trustix Operating System Enterprise Server 2.0; SuSE SUSE Linux Enterprise Server 9; SuSE SUSE Linux Enterprise Server 8; Sun Solaris 9_x86; Sun Solaris 9_sparc; Sun Solaris 8_x86; Sun Solaris 8_sparc; Sun Solaris 10_x86; Sun OpenSolaris build snv_99; Sun OpenSolaris build snv_98; Sun OpenSolaris build snv_96; Sun OpenSolaris build snv_95; Sun OpenSolaris build snv_94; Sun OpenSolaris build snv_93; Sun OpenSolaris build snv_92; Sun OpenSolaris build snv_91; Sun OpenSolaris build snv_90; Sun OpenSolaris build snv_89; Sun OpenSolaris build snv_88; Sun OpenSolaris build snv_87; Sun OpenSolaris build snv_86; Sun OpenSolaris build snv_85; Sun OpenSolaris build snv_84; Sun OpenSolaris build snv_83; Sun OpenSolaris build snv_82; Sun OpenSolaris build snv_81; Sun OpenSolaris build snv_80; Sun OpenSolaris build snv_78; Sun OpenSolaris build snv_77; Sun OpenSolaris build snv_76; Sun OpenSolaris build snv_68; Sun OpenSolaris build snv_67; Sun OpenSolaris build snv_64; Sun OpenSolaris build snv_61; Sun OpenSolaris build snv_59; Sun OpenSolaris build snv_58; Sun OpenSolaris build snv_57; Sun OpenSolaris build snv_54; Sun OpenSolaris build snv_51; Sun OpenSolaris build snv_50; Sun OpenSolaris build snv_49; Sun OpenSolaris build snv_48; Sun OpenSolaris build snv_47; Sun OpenSolaris build snv_45; Sun OpenSolaris build snv_41; Sun OpenSolaris build snv_39; Sun OpenSolaris build snv_38; Sun OpenSolaris build snv_37; Sun OpenSolaris build snv_36; Sun OpenSolaris build snv_29; Sun OpenSolaris build snv_28; Sun OpenSolaris build snv_22; Sun OpenSolaris build snv_19; Sun OpenSolaris build snv_13; Sun OpenSolaris build snv_123; Sun OpenSolaris build snv_122; Sun OpenSolaris build snv_121; Sun OpenSolaris build snv_120; Sun OpenSolaris build snv_119; Sun OpenSolaris build snv_118; Sun OpenSolaris build snv_117; Sun OpenSolaris build snv_116; Sun OpenSolaris build snv_115; Sun OpenSolaris build snv_114; Sun OpenSolaris build snv_113; Sun OpenSolaris build snv_112; Sun OpenSolaris build snv_111a; Sun OpenSolaris build snv_111; Sun OpenSolaris build snv_110; Sun OpenSolaris build snv_109; Sun OpenSolaris build snv_108; Sun OpenSolaris build snv_107; Sun OpenSolaris build snv_106; Sun OpenSolaris build snv_105; Sun OpenSolaris build snv_104; Sun OpenSolaris build snv_103; Sun OpenSolaris build snv_102; Sun OpenSolaris build snv_101a; Sun OpenSolaris build snv_101; Sun OpenSolaris build snv_100; Sun OpenSolaris build snv_02; Sun OpenSolaris build snv_01; SGI ProPack 3.0 SP6; Redhat Red Hat Network Satellite Server 5.0; Redhat Network Satellite (for RHEL 4) 5.1; Redhat Network Satellite (for RHEL 4) 4.2; Redhat Network Satellite (for RHEL 3) 4.2; Redhat Network Proxy (for RHEL 4) 5.1; Redhat Network Proxy (for RHEL 4) 5.0; Redhat Network Proxy (for RHEL 4) 4.2; Redhat Network Proxy (for RHEL 3) 4.2; Redhat Fedora 7; Redhat Enterprise Linux WS 4; Redhat Enterprise Linux WS 3; Redhat Enterprise Linux WS 2.1; Redhat Enterprise Linux ES 4; Redhat Enterprise Linux ES 3; Redhat Enterprise Linux ES 2.1; Redhat Enterprise Linux Desktop Workstation 5 client; Redhat Enterprise Linux AS 4; Redhat Enterprise Linux AS 3; Redhat Enterprise Linux AS 2.1 IA64; Redhat Enterprise Linux AS 2.1; Redhat Enterprise Linux 5 Server; Redhat Desktop 4.0; Redhat Desktop 3.0; Redhat Certificate Server 7.3; Redhat Application Stack v1 for Enterprise Linux ES 4; Redhat Application Stack v1 for Enterprise Linux AS 4; Redhat Advanced Workstation for the Itanium Processor 2.1; OpenPKG OpenPKG 2.5; OpenPKG OpenPKG 2.4; OpenPKG OpenPKG 2.3; OpenPKG OpenPKG 2.2; OpenPKG OpenPKG 2.1; OpenPKG OpenPKG 2.0; OpenPKG OpenPKG E1.0-Solid; OpenPKG OpenPKG 2-Stable-20061018; Mandriva Linux Mandrake 2006.0 x86_64; Mandriva Linux Mandrake 2006.0; Mandriva Linux Mandrake 2007.1 x86_64; Mandriva Linux Mandrake 2007.1; Mandriva Linux Mandrake 2007.0 x86_64; Mandriva Linux Mandrake 2007.0; MandrakeSoft Corporate Server 4.0 x86_64; MandrakeSoft Corporate Server 3.0 x86_64; MandrakeSoft Corporate Server 3.0; MandrakeSoft Corporate Server 4.0; Gentoo Linux; Avaya Messaging Storage Server MM3.0; Avaya Messaging Storage Server 2.0; Avaya Messaging Storage Server 1.0; Avaya Messaging Storage Server; Avaya Message Networking; Avaya Intuity R5 R5.1.46; Avaya Intuity S3400; Avaya Intuity S3210; Avaya Intuity LX 2.0; Avaya Intuity LX; Avaya Interactive Response 4.0; Avaya Interactive Response 3.0; Avaya EMMC 1.017; Avaya Communication Manager 2.0.1; Avaya Communication Manager 2.0; Avaya Communication Manager 3.0; Apache mod_perl 2.0.3; Apache mod_perl 2.0.2; Apache mod_perl 2.0.1; Apache mod_perl 1.29; Apache mod_perl 1.27; Apache mod_perl 1.99 |
| Not Vulnerable: | Sun OpenSolaris build snv_124; Avaya Communication Manager 3.1 |
Discussion
The 'mod_perl' module is prone to a remote denial-of-service vulnerability.
Successful exploits may allow remote attackers to cause denial-of-service conditions on the webserver running the mod_perl module.
Exploit / POC
Attackers can use a browser to exploit this issue.
Solution / Fix
Solution:
Updates are available. Please see the references for more information.
Apache mod_perl 1.99
Apache mod_perl 1.29
Apache mod_perl 2.0.3
SGI ProPack 3.0 SP6
Apache mod_perl 1.99
- Mandriva apache2-mod_perl-2.0.48_1.99_11-3.1.C30mdk.i586.rpm (Corporate 3.0): http://www.mandriva.com/en/download
- Mandriva apache2-mod_perl-2.0.48_1.99_11-3.1.C30mdk.x86_64.rpm (Corporate 3.0/X86_64): http://www.mandriva.com/en/download
- Mandriva apache2-mod_perl-devel-2.0.48_1.99_11-3.1.C30mdk.i586.rpm (Corporate 3.0): http://www.mandriva.com/en/download
- Mandriva apache2-mod_perl-devel-2.0.48_1.99_11-3.1.C30mdk.x86_64.rpm (Corporate 3.0/X86_64): http://www.mandriva.com/en/download
Apache mod_perl 1.29
- Mandriva apache-mod_perl-1.3.29_1.29-3.2.C30mdk.i586.rpm (Corporate 3.0): http://www.mandriva.com/en/download
- Mandriva apache-mod_perl-1.3.29_1.29-3.2.C30mdk.x86_64.rpm (Corporate 3.0/X86_64): http://www.mandriva.com/en/download
- Mandriva apache2-mod_perl-2.0.48_1.99_11-3.1.C30mdk.i586.rpm (Corporate 3.0): http://www.mandriva.com/en/download
- Mandriva HTML-Embperl-1.3.29_1.3.6-3.2.C30mdk.i586.rpm (Corporate 3.0): http://www.mandriva.com/en/download
- Mandriva HTML-Embperl-1.3.29_1.3.6-3.2.C30mdk.x86_64.rpm (Corporate 3.0/X86_64): http://www.mandriva.com/en/download
- Mandriva mod_perl-common-1.3.29_1.29-3.2.C30mdk.i586.rpm (Corporate 3.0): http://www.mandriva.com/en/download
- Mandriva mod_perl-common-1.3.29_1.29-3.2.C30mdk.x86_64.rpm (Corporate 3.0/X86_64): http://www.mandriva.com/en/download
- Mandriva mod_perl-devel-1.3.29_1.29-3.2.C30mdk.i586.rpm (Corporate 3.0): http://www.mandriva.com/en/download
- Mandriva mod_perl-devel-1.3.29_1.29-3.2.C30mdk.x86_64.rpm (Corporate 3.0/X86_64): http://www.mandriva.com/en/download
Apache mod_perl 2.0.3
- Mandriva apache-mod_perl-2.0.3-3.1mdv2007.1.i586.rpm (Mandriva Linux 2007.1): http://www.mandriva.com/en/download
- Mandriva apache-mod_perl-2.0.3-3.1mdv2007.1.x86_64.rpm (Mandriva Linux 2007.1/X86_64): http://www.mandriva.com/en/download
- Mandriva apache-mod_perl-devel-2.0.3-3.1mdv2007.1.i586.rpm (Mandriva Linux 2007.1): http://www.mandriva.com/en/download
- Mandriva apache-mod_perl-devel-2.0.3-3.1mdv2007.1.x86_64.rpm (Mandriva Linux 2007.1/X86_64): http://www.mandriva.com/en/download
SGI ProPack 3.0 SP6
- SGI Patch 10421: ftp://oss.sgi.com/projects/sgi_propack/download/
References
References:
- MP1 Security issue (GossamerThreads)
- RHSA-2007:0395-8 - mod_perl security update (RedHat)
- RHSA-2007:0396-3 - mod_perl security update (RedHat)
- RHSA-2007:0486-2 - mod_perl security update (RedHat)
- Vendor Homepage (Apache Mod_Perl)
- ASA-2009-525: Security Vulnerabilities in the Apache 2 "mod_perl2" Module Compon (Avaya)
- Avaya Security Advisory ASA-2007-293 mod_perl security update (Avaya)
- RHSA-2008:0261-4 Moderate: Red Hat Network Satellite Server security update (Red Hat)
- RHSA-2008:0263-2 Red Hat Network Proxy Server security update (Red Hat)
- RHSA-2008:0523-1 Low: Red Hat Network Proxy Server security update (Red Hat)
- RHSA-2008:0524-4 Low: Red Hat Network Satellite Server security update (Red Hat)
- RHSA-2008:0627-2 Low: Red Hat Network Proxy Server security update (Red Hat)
- RHSA-2008:0630-3 Low: Red Hat Network Satellite Server security update (Red Hat)
- Solution 248386: Security vulnerability in Solaris Related to the Apache 1.3 mod (Sun)
- Sun 272230 Security Vulnerabilities in the Apache 2 'mod_perl2' Module Component (Sun)