Apache mod_perl Module File Descriptor Leakage Vulnerability
BID:9471
Info
Apache mod_perl Module File Descriptor Leakage Vulnerability
| Bugtraq ID: | 9471 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Jan 21 2004 12:00AM |
| Updated: | Jan 21 2004 12:00AM |
| Credit: | Discovery of this vulnerability has been credited to Steve Grubb <[email protected]>. |
| Vulnerable: |
Apache Apache 2.0.48 Apache Apache 2.0.47 Apache Apache 2.0.46 |
| Not Vulnerable: | |
Discussion
Apache mod_perl Module File Descriptor Leakage Vulnerability
A vulnerability has been reported to exist in the Apache mod_perl module that may allow local attackers to gain access to privileged file descriptors. This issue could be exploited by an attacker to hijack a vulnerable server daemon. Other attacks are also possible.
It has been reported that multiple file descriptors, are leaked to the mod_perl module and any processes it creates. This allows for Perl scripts and any processes they spawn to access the privileged I/O streams.
It should be noted that this issue appears to be distinct from the vulnerability described in BID 7255 (and patched in Apache 2.0.45). Versions later than Apache 2.0.45 reportedly still leak descriptors.
A vulnerability has been reported to exist in the Apache mod_perl module that may allow local attackers to gain access to privileged file descriptors. This issue could be exploited by an attacker to hijack a vulnerable server daemon. Other attacks are also possible.
It has been reported that multiple file descriptors, are leaked to the mod_perl module and any processes it creates. This allows for Perl scripts and any processes they spawn to access the privileged I/O streams.
It should be noted that this issue appears to be distinct from the vulnerability described in BID 7255 (and patched in Apache 2.0.45). Versions later than Apache 2.0.45 reportedly still leak descriptors.
Exploit / POC
Solution / Fix
Apache mod_perl Module File Descriptor Leakage Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Apache mod_perl Module File Descriptor Leakage Vulnerability
References:
References:
- Apache Homepage (Apache Software Foundation)
- Hijacking Apache 2 via mod_perl (Steve Grubb
) - Re: Hijacking Apache 2 via mod_perl ([email protected] (Lupe Christoph))
- Re: Hijacking Apache 2 via mod_perl (Ben Laurie
) - Re: Hijacking Apache 2 via mod_perl (Steve G
) - Re: Re[2]: Hijacking Apache 2 via mod_perl (Steve G
) - Re[2]: Hijacking Apache 2 via mod_perl (3APA3A <[email protected]>)