Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
BID:50639
Info
Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
| Bugtraq ID: | 50639 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2011-4415 |
| Remote: | No |
| Local: | Yes |
| Published: | Nov 10 2011 12:00AM |
| Updated: | May 10 2013 07:02AM |
| Credit: | halfdog |
| Vulnerable: |
HP System Management Homepage 7.0 HP System Management Homepage 6.3 HP System Management Homepage 6.2 HP System Management Homepage 6.1 HP System Management Homepage 6.0 Apache Software Foundation Apache 2.2.15 Apache Software Foundation Apache 2.2.14 Apache Software Foundation Apache 2.2.13 Apache Software Foundation Apache 2.2.12 Apache Software Foundation Apache 2.2.11 Apache Software Foundation Apache 2.2.10 Apache Software Foundation Apache 2.2.9 Apache Software Foundation Apache 2.2.8 Apache Software Foundation Apache 2.2.6 Apache Software Foundation Apache 2.2.5 Apache Software Foundation Apache 2.2.4 Apache Software Foundation Apache 2.2.3 Apache Software Foundation Apache 2.2 Apache Software Foundation Apache 2.0.63 Apache Software Foundation Apache 2.0.61 Apache Software Foundation Apache 2.0.60 Apache Software Foundation Apache 2.0.59 Apache Software Foundation Apache 2.0.58 Apache Software Foundation Apache 2.0.57 Apache Software Foundation Apache 2.0.56 Apache Software Foundation Apache 2.0.55 Apache Software Foundation Apache 2.0.54 Apache Software Foundation Apache 2.0.53 Apache Software Foundation Apache 2.0.52 Apache Software Foundation Apache 2.0.51 Apache Software Foundation Apache 2.0.50 Apache Software Foundation Apache 2.0.49 Apache Software Foundation Apache 2.0.48 Apache Software Foundation Apache 2.0.47 Apache Software Foundation Apache 2.0.46 Apache Software Foundation Apache 2.0.45 Apache Software Foundation Apache 2.0.44 Apache Software Foundation Apache 2.0.43 Apache Software Foundation Apache 2.0.42 Apache Software Foundation Apache 2.0.41 Apache Software Foundation Apache 2.0.40 Apache Software Foundation Apache 2.0.39 Apache Software Foundation Apache 2.0.38 Apache Software Foundation Apache 2.0.37 Apache Software Foundation Apache 2.0.36 Apache Software Foundation Apache 2.0.35 Apache Software Foundation Apache 2.0 Apache Software Foundation Apache 2.2.21 Apache Software Foundation Apache 2.2.20 Apache Software Foundation Apache 2.2.19 Apache Software Foundation Apache 2.2.18 Apache Software Foundation Apache 2.2.17 Apache Software Foundation Apache 2.2.16 Apache Software Foundation Apache 2.2.1 Apache Software Foundation Apache 2.2 Apache Software Foundation Apache 2.0.64 |
| Not Vulnerable: | |
Discussion
Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
Apache HTTP Server is prone to a local denial-of-service vulnerability because of a NULL-pointer dereference error or a memory exhaustion.
Local attackers can exploit this issue to trigger a NULL-pointer dereference or memory exhaustion, and cause a server crash, denying service to legitimate users.
Note: To trigger this issue, 'mod_setenvif' must be enabled and the attacker should be able to place a malicious '.htaccess' file on the affected webserver.
Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21 are vulnerable. Other versions may also be affected.
Apache HTTP Server is prone to a local denial-of-service vulnerability because of a NULL-pointer dereference error or a memory exhaustion.
Local attackers can exploit this issue to trigger a NULL-pointer dereference or memory exhaustion, and cause a server crash, denying service to legitimate users.
Note: To trigger this issue, 'mod_setenvif' must be enabled and the attacker should be able to place a malicious '.htaccess' file on the affected webserver.
Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21 are vulnerable. Other versions may also be affected.
Exploit / POC
Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
Attackers need local interactive access to exploit this issue.
Attackers need local interactive access to exploit this issue.
Solution / Fix
Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Apache HTTP Server 'ap_pregsub()' Function Local Denial of Service Vulnerability
References:
References:
- Apache Homepage (Apache Software Foundation)
- Integer Overflow in Apache ap_pregsub via mod-setenvif (halfdog)
- Really big regex results from ap_pregsub (Apache)