Buffer Overflow in mod_ssl

2003-04-17T00:00:00
ID VU:104555
Type cert
Reporter CERT
Modified 2003-06-17T00:00:00

Description

Overview

A buffer overflow exists in mod_ssl.

Description

mod_ssl is an Apache module that allows secure connections over X.509 authenticated channels. A buffer overflow exists in the ssl_compat_directive() function. For more detailed information, please see the original vulnerability report.


Impact

A local attacker can execute arbitrary code with the privileges of the web server. Additionally, an attacker may be able to add bogus entries to multiple web server log files. An attacker may also be able to slow down or even stop the web server.


Solution

Apply a patch from your vendor.


Do not allow per-directory config files. To accomplish this, set the AllowOverride directive to "none" in the httpd.conf file. As a reminder, you must restart the web server for the changes to take effect.


Systems Affected

Vendor| Status| Date Notified| Date Updated
---|---|---|---
Apple Computer Inc.| | -| 30 Apr 2003
Conectiva| | -| 08 Jul 2002
Debian| | -| 30 Apr 2003
Engarde| | -| 17 Apr 2003
Hewlett-Packard Company| | -| 17 Apr 2003
IBM| | -| 17 Jun 2003
Red Hat Inc.| | -| 30 Apr 2003
SCO| | -| 17 Apr 2003
The mod_ssl project| | -| 08 Jul 2002
Extreme Networks| | -| 01 May 2003
Foundry Networks Inc.| | -| 07 May 2003
Hitachi| | -| 08 May 2003
Ingrian Networks| | -| 02 May 2003
SGI| | -| 30 Apr 2003
Xerox Corporation| | -| 30 May 2003
If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A

References

Credit

This vulnerability was discovered by Frank Denis.

This document was written by Ian A Finlay.

Other Information

  • CVE IDs: CVE-2002-0653
  • Date Public: 24 Jun 2002
  • Date First Published: 17 Apr 2003
  • Date Last Updated: 17 Jun 2003
  • Severity Metric: 23.62
  • Document Revision: 34