Lucene search

K
ibmIBMF6B00EC6AE1A8AB6EA169B30F9043A8A750294E89004BC872C120C7B42AC16A4
HistoryApr 20, 2020 - 2:40 p.m.

Security Bulletin: Multiple vulnerabilities in Apache HTTP Server affect Rational Build Forge (CVE-2018-1283, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2017-15710, CVE-2017-15715, CVE-2018-1301)

2020-04-2014:40:53
www.ibm.com
15

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

Summary

There are multiple vulnerabilities in Apache HTTP Server affecting IBM Rational Build Forge.

Vulnerability Details

CVEID:CVE-2018-1283
DESCRIPTION: Apache HTTPD could allow a remote attacker to bypass security restrictions, caused by an error when mod_session is configured with SessionEnv on to forward session data to CGI applications. By using a specially crafted “Session” header, an attacker could exploit this vulnerability to modify mod_session data on the system. CVSS Base Score: 5.3 CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140856&gt; for the current score. CVSS Environmental Score*: Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N)

CVEID:***CVE-2018-1302
DESCRIPTION: Apache HTTPD could provide weaker than expected security. By sending specially crafted data, an attacker could write a NULL pointer to an already freed memory when shutting down an HTTP/2 stream. CVSS Base Score: 5.3 CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140855&gt; for the current score. CVSS Environmental Score
: Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2018-1303
DESCRIPTION: Apache HTTPD is vulnerable to a denial of service, caused by an out-of-bounds memory read error in mod_cache_socache. By sending a specially crafted HTTP request header, an attacker could exploit this vulnerability to cause the service to crash. CVSS Base Score: 7.5 CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140854&gt; for the current score. CVSS Environmental Score*: Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2018-1312
DESCRIPTION: Apache HTTPD could allow a remote attacker to bypass security restrictions, caused by the failure to properly generate an HTTP Digest authentication nonce when generating an HTTP Digest authentication challenge. An attacker could exploit this vulnerability to replay HTTP requests across servers without detection. CVSS Base Score: 5.3 CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140853&gt; for the current score CVSS Environmental Score*: Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVEID: CVE-2018-1301 **DESCRIPTION:**Apache HTTPD is vulnerable to a denial of service, caused by an out-of-bounds access error after a header size limit has been reached reading the HTTP header. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to cause the service to crash. **CVSS Base Score: **5.3 **CVSS Temporal Score:**See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140852&gt; for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2017-15715
**DESCRIPTION:**Apache HTTPD could allow a remote attacker to bypass security restrictions, caused by the < FilesMatch > expression matching ‘$’ to a newline character in a malicious filename instead of the end of the filename. By matching the trailing portion of the filename, an attacker could exploit to bypass security controls that use the < FilesMatch > directive.
CVSS Base Score: 3.7 **CVSS Temporal Score: **See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140857&gt; for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID: CVE-2017-15710 **DESCRIPTION: **Apache HTTPD is vulnerable to a denial of service, caused by an out-of-bounds memory write error. By sending a specially crafted Accept-Language header value, an attacker could exploit this vulnerability to cause the service to crash. **CVSS Base Score:**5.3 **CVSS Temporal Score:**See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140858&gt; for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

Affected versions:

Remediation/Fixes

Apply the correct fix pack or iFix for your version of Build Forge:

Affected Version Fix
Build Forge 8.0 - 8.0.0.7 Rational Build Forge 8.0.0.8 Download.

Workarounds and Mitigations

None.

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

Related for F6B00EC6AE1A8AB6EA169B30F9043A8A750294E89004BC872C120C7B42AC16A4