PT-2018-3177 · Apache+5 · Apache Http Server+5

Published: 2018-03-21 · Updated: 2021-06-06 · CVE-2018-1283

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Apache httpd versions 2.4.0 through 2.4.29

Description

The issue arises when mod_session is configured to forward its session data to CGI applications: a remote user can then influence that data by sending a "Session" header. The cause is the "HTTP_SESSION" variable name that mod_session uses to forward its data, which conflicts with the "HTTP_" prefix the Apache HTTP Server uses to pass HTTP header fields to CGI applications, per the CGI specifications.

Recommendations

For Apache httpd versions 2.4.0 through 2.4.29, consider disabling the mod_session module or setting SessionEnv to off to prevent the exploitation of this issue. As a temporary workaround, restrict access to CGI applications that use the HTTP_SESSION variable until a patch is available.
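
To find where the SessionEnv recommendation applies, the following added example (not part of the original advisory or of the Apache project) scans httpd configuration text for active "SessionEnv On" directives and reports the enclosing section. It assumes the configuration text has already been collected into one string (Include directives are not followed), and the sample configuration is constructed for illustration.

```python
import re

# Constructed sample configuration (not from the advisory).
SAMPLE_CONF = """\
# SessionEnv On   <- commented out, must be ignored
Session On
<Location "/app">
    Session On
    SessionCookieName session path=/
    sessionenv on
</Location>
<Directory "/var/www/cgi-bin">
    SessionEnv \\
        On
</Directory>
<Location "/static">
    SessionEnv Off
</Location>
"""

def logical_lines(text):
    """Yield (first_line_number, text) with backslash continuations joined."""
    buf, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        if start is None:
            start = no
        if raw.rstrip().endswith("\\"):
            buf += raw.rstrip()[:-1] + " "
            continue
        yield start, (buf + raw).strip()
        buf, start = "", None
    if buf:
        yield start, buf.strip()

def find_session_env_on(text):
    """Return [(line, enclosing_section)] for every active 'SessionEnv On'."""
    findings, stack = [], []
    for no, line in logical_lines(text):
        if not line or line.startswith("#"):
            continue  # blank line or comment
        if line.startswith("</"):
            if stack:
                stack.pop()  # leave the current section
        elif line.startswith("<"):
            stack.append(line.strip("<>").strip())  # enter a section
        elif re.fullmatch(r"SessionEnv\s+On", line, re.IGNORECASE):
            # Directive names and On/Off arguments are case-insensitive.
            findings.append((no, stack[-1] if stack else "server config"))
    return findings
```

Each finding on a server running httpd 2.4.0 through 2.4.29 marks a context where session data is forwarded to CGI applications and the recommendation above applies.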

Weakness Enumeration

Related Identifiers

ALT-PU-2018-1519
BDU:2019-04308
CESA-2020_3958
CVE-2018-1283
DSA-4164-1
MGASA-2018-0460
RHSA-2018:3558
RHSA-2019:0367
RHSA-2020:3958
RHSA-2020_3958
SUSE-SU-2018:0879-1
SUSE-SU-2018:0901-1
SUSE-SU-2018:1161-1
SUSE-SU-2018:1161-2
USN-3627-1
USN-3627-2

Affected Products

Alt Linux
Apache HTTP Server
CentOS
Red Hat
SUSE
Ubuntu