PT-2018-3177 · Apache+5 · Apache Http Server+5

Publicado

2018-03-21

Atualizado

2021-06-06

CVE-2018-1283

CVSS v3.1

5.3

Média

Vetor

AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Apache httpd versions 2.4.0 through 2.4.29

Description The issue arises when mod session is configured to forward its session data to CGI applications, allowing a remote user to influence their content by using a "Session" header. This is due to the "HTTP SESSION" variable name used by mod session, which conflicts with the prefix "HTTP " used by the Apache HTTP Server to pass HTTP header fields, per CGI specifications.

Recommendations For Apache httpd versions 2.4.0 through 2.4.29, consider disabling the mod session module or setting SessionEnv to off to prevent the exploitation of this issue. As a temporary workaround, restrict access to CGI applications that use the HTTP SESSION variable until a patch is available.

Correção

RCE

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20CWE-416

Identificadores relacionados

ALT-PU-2018-1519

BDU:2019-04308

CESA-2020_3958

CVE-2018-1283

DSA-4164-1

MGASA-2018-0460

RHSA-2018:3558

RHSA-2019:0367

RHSA-2020:3958

RHSA-2020_3958

SUSE-SU-2018:0879-1

SUSE-SU-2018:0901-1

SUSE-SU-2018:1161-1

SUSE-SU-2018:1161-2

USN-3627-1

USN-3627-2

Produtos afetados

Alt Linux

Apache Http Server

Centos

Red Hat

Suse

Ubuntu

PT-2018-3177 · Apache+5 · Apache Http Server+5

CVE-2018-1283

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 124